121 matches found
CVE-2020-12247
In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur...
skia:sksl2spirv: Null-dereference READ with empty stacktrace
Detailed Report: https://oss-fuzz.com/testcase?key=5806581326020608 Project: skia Fuzzing Engine: libFuzzer Fuzz Target: sksl2spirv Job Type: libfuzzerubsanskia Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x000000000000 Crash State: NULL Sanitizer: undefined UBSAN Crash...
DEBIAN-CVE-2020-11098
In FreeRDP before version 2.1.2, there is an out-of-bound read in glyphcacheput. This affects all FreeRDP clients with +glyph-cache option enabled This is fixed in version 2.1.2...
PT-2020-12510 · Freerdp +6 · Freerdp +6
Name of the Vulnerable Software and Affected Versions: FreeRDP versions 1.1 through 1.9 Description: The issue involves an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in version 2.0.0. Recommendations: For versions 1.1 through 1.9, updat...
Internet Bug Bounty: Invalid Read on exif_process_SOFn
This bug is present in exifscanthumbnail method of ext/exif/exif.c file. Detailed description and steps to reproduce for this bug is present in bug report submitted to php.net. Bug Report : https://bugs.php.net/bug.php?id=77540 PHP version : 7.1.26 CVE-ID : 2019-9640 Impact This bug may allow an...
CVE-2018-14545
There exists one invalid memory read bug in AP4SampleDescription::GetType in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts...
CVE-2018-14545
There exists one invalid memory read bug in AP4SampleDescription::GetType in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts...
CVE-2018-14544
CVE-2018-14544 concerns Bento4 1.5.1-624, where an invalid memory read in AP4_SampleDescription::GetFormat() can be triggered by crafted MP4 files (notably via mp42ts), leading to denial of service. The issue is documented across multiple feeds (NVD, OSV, CNVD, CVE list, Nessus/NASL notes) with c...
CVE-2018-14545
There are concrete details for CVE-2018-14545: Bento4 version 1.5.1-624 contains an invalid memory read in AP4_SampleDescription::GetType() (Ap4SampleDescription.h) that can cause a denial-of-service when processing crafted MP4 files, with exploitation potentially triggered by the mp42ts executab...
CVE-2017-18242
The applydependentcoupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted aac file...
UBUNTU-CVE-2017-12603
OpenCV Open Source Computer Vision Library through 3.3 has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case...
DEBIAN-CVE-2014-9844
The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service out-of-bounds read via a crafted image file...
libdwarf: arbitrary code execution
CVE-2016-5027 denial of service Multiple NULL pointer dereference issues in several functions of libdwarf/dwarfleb.c, where leb128length was wrongly assumed non-NULL. - CVE-2016-5028 denial of service NULL pointer dereference issue in printframeinstbytes. - CVE-2016-5029 denial of service NULL...
privoxy -- multiple vulnerabilities
Privoxy Developers reports: Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. Reported by Matthew Daley. CVE-2015-1380. Fixed multiple segmentation faults and memory leaks...
DEBIAN-CVE-2014-6040
GNU C Library aka glibc before 2.20 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via a multibyte character value of "0xffff" to the iconv function when converting 1 IBM933, 2 IBM935, 3 IBM937, 4 IBM939, or 5 IBM1364 encoded data to UTF-8...
Slackware Advisory SSA:2009-170-01 libpng
The remote host is missing an update as announced via advisory SSA:2009-170-01. OpenVAS Vulnerability Test $Id: esoftslkssa200917001.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors...
RHEL 2.1 : dhcpcd (RHSA-2005:603)
An updated dhcpcd package that fixes a denial of service issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The dhcpcd package includes a DHCP client daemon. An out of bounds memory read bug was found in dhcpcd. A malicious...
Moderate: Red Hat Security Advisory: dhcpcd security update
An updated dhcpcd package that fixes a denial of service issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The dhcpcd package includes a DHCP client daemon. An out of bounds memory read bug was found in dhcpcd. A malicious...
RHEL 3 : squid (RHSA-2004:462)
An updated squid package that fixes a security vulnerability in the NTLM authentication helper is now available. Squid is a full-featured Web proxy cache. An out of bounds memory read bug was found within the NTLM authentication helper routine. If Squid is configured to use the NTLM authenticatio...