Lucene search
K

121 matches found

OSV
OSV
added 2020/09/04 4:15 a.m.3 views

CVE-2020-12247

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur...

7.1CVSS7.1AI score0.03607EPSS
Exploits1References1
ossfuzz
ossfuzz
added 2020/08/05 8:21 a.m.22 views

skia:sksl2spirv: Null-dereference READ with empty stacktrace

Detailed Report: https://oss-fuzz.com/testcase?key=5806581326020608 Project: skia Fuzzing Engine: libFuzzer Fuzz Target: sksl2spirv Job Type: libfuzzerubsanskia Platform Id: linux Crash Type: Null-dereference READ Crash Address: 0x000000000000 Crash State: NULL Sanitizer: undefined UBSAN Crash...

6.8AI score
Exploits0Affected Software1
OSV
OSV
added 2020/06/22 10:15 p.m.2 views

DEBIAN-CVE-2020-11098

In FreeRDP before version 2.1.2, there is an out-of-bound read in glyphcacheput. This affects all FreeRDP clients with +glyph-cache option enabled This is fixed in version 2.1.2...

6.5CVSS7.5AI score0.01666EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/04/09 12:0 a.m.13 views

PT-2020-12510 · Freerdp +6 · Freerdp +6

Name of the Vulnerable Software and Affected Versions: FreeRDP versions 1.1 through 1.9 Description: The issue involves an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in version 2.0.0. Recommendations: For versions 1.1 through 1.9, updat...

9.8CVSS6.2AI score0.02689EPSS
Exploits26References297
Hacker One
Hacker One
added 2019/03/15 8:45 a.m.44 views

Internet Bug Bounty: Invalid Read on exif_process_SOFn

This bug is present in exifscanthumbnail method of ext/exif/exif.c file. Detailed description and steps to reproduce for this bug is present in bug report submitted to php.net. Bug Report : https://bugs.php.net/bug.php?id=77540 PHP version : 7.1.26 CVE-ID : 2019-9640 Impact This bug may allow an...

5CVSS8.4AI score0.06183EPSS
Exploits1
NVD
NVD
added 2018/07/23 8:29 a.m.20 views

CVE-2018-14545

There exists one invalid memory read bug in AP4SampleDescription::GetType in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts...

5.5CVSS5.2AI score0.00837EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2018/07/23 8:29 a.m.26 views

CVE-2018-14545

There exists one invalid memory read bug in AP4SampleDescription::GetType in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts...

5.5CVSS6.1AI score0.00837EPSS
Exploits0References2
CVE
CVE
added 2018/07/23 8:0 a.m.54 views

CVE-2018-14544

CVE-2018-14544 concerns Bento4 1.5.1-624, where an invalid memory read in AP4_SampleDescription::GetFormat() can be triggered by crafted MP4 files (notably via mp42ts), leading to denial of service. The issue is documented across multiple feeds (NVD, OSV, CNVD, CVE list, Nessus/NASL notes) with c...

5.5CVSS5.2AI score0.00837EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/07/23 8:0 a.m.46 views

CVE-2018-14545

There are concrete details for CVE-2018-14545: Bento4 version 1.5.1-624 contains an invalid memory read in AP4_SampleDescription::GetType() (Ap4SampleDescription.h) that can cause a denial-of-service when processing crafted MP4 files, with exploitation potentially triggered by the mp42ts executab...

5.5CVSS5.2AI score0.00837EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2018/03/22 9:29 p.m.18 views

CVE-2017-18242

The applydependentcoupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service out-of-bounds read via a crafted aac file...

6.5CVSS6.7AI score0.01206EPSS
Exploits0References1
OSV
OSV
added 2017/08/07 1:29 a.m.5 views

UBUNTU-CVE-2017-12603

OpenCV Open Source Computer Vision Library through 3.3 has an invalid write in the cv::RLByteStream::getBytes function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 2-opencv-heapoverflow-fseek test case...

8.8CVSS6.9AI score0.0197EPSS
Exploits0References4
OSV
OSV
added 2017/03/20 4:59 p.m.2 views

DEBIAN-CVE-2014-9844

The ReadRLEImage function in coders/rle.c in ImageMagick 6.8.9.9 allows remote attackers to cause a denial of service out-of-bounds read via a crafted image file...

5.5CVSS6.6AI score0.02054EPSS
Exploits0References1
ArchLinux
ArchLinux
added 2016/06/25 12:0 a.m.30 views

libdwarf: arbitrary code execution

CVE-2016-5027 denial of service Multiple NULL pointer dereference issues in several functions of libdwarf/dwarfleb.c, where leb128length was wrongly assumed non-NULL. - CVE-2016-5028 denial of service NULL pointer dereference issue in printframeinstbytes. - CVE-2016-5029 denial of service NULL...

3.9AI score0.04379EPSS
Exploits17References20
FreeBSD
FreeBSD
added 2015/01/26 12:0 a.m.27 views

privoxy -- multiple vulnerabilities

Privoxy Developers reports: Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled the default they could previously cause Privoxy to abort. Reported by Matthew Daley. CVE-2015-1380. Fixed multiple segmentation faults and memory leaks...

5CVSS6.7AI score0.03397EPSS
Exploits0References2
OSV
OSV
added 2014/12/05 4:59 p.m.4 views

DEBIAN-CVE-2014-6040

GNU C Library aka glibc before 2.20 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via a multibyte character value of "0xffff" to the iconv function when converting 1 IBM933, 2 IBM935, 3 IBM937, 4 IBM939, or 5 IBM1364 encoded data to UTF-8...

5CVSS8.2AI score0.06564EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2012/09/11 12:0 a.m.24 views

Slackware Advisory SSA:2009-170-01 libpng

The remote host is missing an update as announced via advisory SSA:2009-170-01. OpenVAS Vulnerability Test $Id: esoftslkssa200917001.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...

4.3CVSS0.2AI score0.02278EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2012/02/14 11:37 p.m.4 views

OpenJDK: off-by-one bug in ZIP reading code (JRE, 7118283)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 2 and earlier, 6 Update 30 and earlier, and 5.0 Update 33 and earlier allows remote attackers to affect availability via unknown vectors...

5CVSS6.9AI score0.03588EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2005/07/31 12:0 a.m.18 views

RHEL 2.1 : dhcpcd (RHSA-2005:603)

An updated dhcpcd package that fixes a denial of service issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The dhcpcd package includes a DHCP client daemon. An out of bounds memory read bug was found in dhcpcd. A malicious...

5CVSS5.1AI score0.01926EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2005/07/27 3:11 p.m.25 views

Moderate: Red Hat Security Advisory: dhcpcd security update

An updated dhcpcd package that fixes a denial of service issue is now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The dhcpcd package includes a DHCP client daemon. An out of bounds memory read bug was found in dhcpcd. A malicious...

5CVSS5.6AI score0.01926EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2004/10/02 12:0 a.m.26 views

RHEL 3 : squid (RHSA-2004:462)

An updated squid package that fixes a security vulnerability in the NTLM authentication helper is now available. Squid is a full-featured Web proxy cache. An out of bounds memory read bug was found within the NTLM authentication helper routine. If Squid is configured to use the NTLM authenticatio...

5CVSS5.5AI score0.10655EPSS
Exploits0References4
Rows per page
Query Builder