CVE-2026-33666

Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, in BitStreamReader.h readBytes / readString, the setBitPosition bounds check receives the overflowed value and is completely bypassed. The code then reads len bytes 512 MB fr...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the readBytes or readString functions in BitStreamReader when the setBitPosition process receives an overflowed value, bypassing bounds checks. An attacker can cause a segmentation fault and potentiall...

CVE-2026-33666

Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, in BitStreamReader.h readBytes / readString, the setBitPosition bounds check receives the overflowed value and is completely bypassed. The code then reads len bytes 512 MB fr...

CVE-2026-33666

Zserio has a vulnerability in BitStreamReader.h readBytes()/readString() prior to 2.18.1 where setBitPosition() bounds checking can be bypassed on overflow, causing the code to read a large len (up to 512 MB) from a very small buffer and trigger a segmentation fault. The issue is fixed in 2.18.1....

EUVD-2026-25593

Zserio is a framework for serializing structured data with a compact and efficient way with low overhead. Prior to 2.18.1, in BitStreamReader.h readBytes / readString, the setBitPosition bounds check receives the overflowed value and is completely bypassed. The code then reads len bytes 512 MB fr...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the readString function when processing a manipulated DATA Submessage with DDS Security enabled. An attacker can cause remote process termination by sending a specially crafted SPDP packet that tampers wit...

CVE-2025-62601 FastDDS has heap buffer overflow in readString via Manipulated DATA Submessage when DDS Security is enabled

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow,...

CVE-2025-62601 FastDDS has heap buffer overflow in readString via Manipulated DATA Submessage when DDS Security is enabled

Fast DDS is a C++ implementation of the DDS Data Distribution Service standard of the OMG Object Management Group . Prior to versions 3.4.1, 3.3.1, and 2.6.11, when the security mode is enabled, modifying the DATA Submessage within an SPDP packet sent by a publisher causes a heap buffer overflow,...

EUVD-2023-37873

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-8782

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The readString function in util/read.c and util/old/read.c in libming 0.4.8 allows remote attackers to cause a denial of service via a large file that is...

CVE-2025-42994

SAP MDM Server ReadString function allows an attacker to send specially crafted packets which could trigger a memory read access violation in the server process that would then fail and exit unexpectedly causing high impact on availability with no impact on confidentiality and integrity of the...

SAP MDM Server 安全漏洞

SAP MDM Server is an MDM server from SAP, Germany. A security vulnerability exists in SAP MDM Server that stems from a memory read access violation triggered by the ReadString function when processing specially crafted packets, which could lead to an unexpected termination of the server process...

UBUNTU-CVE-2025-46687

quickjs-ng through 0.9.0 has a missing length check in JSReadString for a string, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected...

Denial Of Service (DoS)

github.com/hamba/avro is vulnerable to Denial Of Service DoS. The vulnerability exists in the ReadString function of reader.go because config.go does not properly restrict the maximum size of bytes and string types, allowing an attacker to cause an application crash by providing a maliciously...

Denial Of Service (DoS)

libmp4v2.so is vulnerable to Denial of Service DoS. The vulnerability exists in via MP4File::ReadString at mp4fileio.cpp because the memory allocation is not properly implemented which allows an attacker to cause memory leaks resulting in an application crash...

CVE-2023-33718

mp4v2 v2.1.3 was discovered to contain a memory leak via MP4File::ReadString at mp4fileio.cpp...

Memory corruption

mp4v2 v2.1.3 was discovered to contain a memory leak via MP4File::ReadString at mp4fileio.cpp...

CVE-2023-33718

mp4v2 v2.1.3 was discovered to contain a memory leak via MP4File::ReadString at mp4fileio.cpp...

MP4v2 安全漏洞

MP4v2 is a library for creating, modifying and reading MP4 files by the individual developer enzo1982. A security vulnerability exists in MP4v2 version v2.1.3, which stems from a memory leak in MP4File::ReadString in mp4fileio.cpp...

PT-2023-24455 · Mp4V2 · Mp4V2

Name of the Vulnerable Software and Affected Versions: mp4v2 version 2.1.3 Description: A memory leak was discovered in mp4v2 via the MP4File::ReadString function at mp4file io.cpp. Recommendations: For mp4v2 version 2.1.3, consider restricting access to the MP4File::ReadString function until a...