22 matches found
file: Fix of CVE-2019-18218
CVE-2019-18218: fix heap-based buffer overflow in cdfreadpropertyinfo...
CVE-2026-41503
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RP...
CVE-2026-41503
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RP...
CVE-2026-41503
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RP...
CVE-2026-41503 BACnet Stack: Out-of-Bounds Read in ReadPropertyMultiple Property Decoder via Deprecated Tag Parser
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RP...
EUVD-2026-25625
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service property decoder allows unauthenticated remote attackers to read past allocated buffer boundaries by sending an RP...
EUVD-2026-25624
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decoder allows unauthenticated remote attackers to read one byte past an allocated buffer boundary by...
CVE-2026-41502
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decoder allows unauthenticated remote attackers to read one byte past an allocated buffer boundary by...
CVE-2026-41502 BACnet Stack: Off-by-One Out-of-Bounds Read in ReadPropertyMultiple Object ID Decoder
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decoder allows unauthenticated remote attackers to read one byte past an allocated buffer boundary by...
CVE-2026-41502
CVE-2026-41502 affects the BACnet Stack C library. The issue is an off-by-one out-of-bounds read in the rpm_decode_object_id() routine used by the ReadPropertyMultiple service decoder. It checks apdu_len
CVE-2026-41502 BACnet Stack: Off-by-One Out-of-Bounds Read in ReadPropertyMultiple Object ID Decoder
BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, an off-by-one out-of-bounds read vulnerability in bacnet-stack's ReadPropertyMultiple service decoder allows unauthenticated remote attackers to read one byte past an allocated buffer boundary by...
PT-2026-35078
Name of the Vulnerable Software and Affected Versions BACnet Stack versions prior to 1.4.3 Description An out-of-bounds read exists in the ReadPropertyMultiple service property decoder. Unauthenticated remote attackers can read past allocated buffer boundaries by sending a ReadPropertyMultiple...
PT-2026-35077
Name of the Vulnerable Software and Affected Versions BACnet Stack versions prior to 1.4.3 Description An off-by-one out-of-bounds read exists in the ReadPropertyMultiple service decoder. Unauthenticated remote attackers can read one byte past an allocated buffer boundary by sending a crafted RPM...
CVE-2025-62599
CVE-2025-62599 affects Fast DDS (DDS implementation). When security mode is enabled, modifying the DATA Submessage within an SPDP packet (PID_IDENTITY_TOKEN or PID_PERMISSION_TOKEN) by tampering with the length field in readPropertySeq causes an Out-Of-Memory (OOM) and remote termination. Affecte...
CVE-2025-62599 FastDDS has Out-of-Memory in readPropertySeq via Manipulated DATA Submessage when DDS Security is enabled
Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes an Out-Of-Memory OOM...
MiracleLinux 8 : file-5.33-20.el8 (AXSA:2021-2595:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2595:03 advisory. file: heap-based buffer overflow in cdfreadpropertyinfo in cdf.c CVE-2019-18218 Tenable has extracted the preceding description block directly from the...
SUSE CVE-2019-18218
cdfreadpropertyinfo in cdf.c in file through 5.37 does not restrict the number of CDFVECTOR elements, which allows a heap-based buffer overflow 4-byte out-of-bounds write...
DEBIAN-CVE-2009-0947
Multiple integer overflows in the 1 cdfreadpropertyinfo and 2 cdfreadsat functions in file before 5.02...
file: incomplete fix for CVE-2012-1571 in cdf_read_property_info
It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...
file: incomplete fix for CVE-2012-1571 in cdf_read_property_info
It was found that the fix for CVE-2012-1571 was incomplete; the File Information fileinfo extension did not correctly parse certain Composite Document Format CDF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file...