CVE-2020-5310
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc...
CVE-2020-5310
CVE-2020-5310 affects Pillow’s TIFF decoding path, specifically libImaging/TiffDecode.c. The root cause is a TIFF decoding integer overflow tied to memory reallocation (realloc), exposing Pillow versions prior to 6.2.2 to potential crash or compromise when processing crafted TIFF images. Affected...
CVE-2019-17178
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value...
Memory corruption
HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value...
CVE-2019-17177
libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value...
curl -- multiple vulnerabilities
curl security problems: CVE-2019-5481: FTP-KRB double-free. libcurl can be told to use kerberos over FTP to a server, as set with the CURLOPT_KRBLEVEL option. During such kerberos FTP data transfer, the server sends data to curl in blocks with the 32 bit size of each block first and then that amoun...
CVE-2018-11416
jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of realloc and free, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact...
CVE-2018-11416
CVE-2018-11416 affects jpegoptim 1.4.5 (fixed in 1.4.6). The vulnerability stems from an invalid use of realloc() and free() in jpegoptim.c, allowing remote attackers to cause a denial of service (application crash) or potentially other impact. Affected: jpegoptim prior to 1.4.6. Remediation: upg...
Heap Viewer - An IDA Pro Plugin To Examine The Glibc Heap, Focused On Exploit Development
An IDA Pro plugin (for now) to examine the heap, focused on exploit development. Currently only supports glibc malloc (ptmalloc2). Requirements: IDA Pro = 6.9. Tested on glibc = 2.26. GraphView for linked lists (bins/tcache). Magic utils: Unlink merge info, Fake fastbin finder, House of force helper, Useful...
CVE-2017-16796
In SWFTools 0.9.2, the pngload function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a denial of service (invalid write and application crash) or possibly have unspecified other impact via vectors involving an IDAT tag in a crafted PNG file...
shopify-scripts: SIGABRT - mirb and mruby
PoC ------------------- The following code triggers the bug attached as test.rb: def methodmissingm,e self.ff||=00end e Debug - mirb ------------------- x@x:/Desktop/test/mruby/bin$ gdb -q ./mirb Reading symbols from ./mirb...done. gdb r test.rb Starting program: /home/x/Desktop/test/mruby/bin/mi...
ALPINE-CVE-2016-10011
authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process...
CVE-2016-6309
statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session...
Wireshark - addresses_equal 'dissect_rsvp_common' Use-After-Free
Source: https://code.google.com/p/google-security-research/issues/detail?id=645 The following crash due to a use-after-free condition can be observed in an ASAN build of Wireshark (current git master), by feeding a malformed file to tshark ("$ ./tshark -nVxr /path/to/file"): Attached are three files...
Amazon Linux: Security Advisory (ALAS-2011-7)
The remote host is missing an update for the...
dislocate 1.3 - Local i386 Exploit
No description provided by source. MasterSecuritY www.mastersecurity.fr dislocate.c - Local i386 exploit in v1.3 Secure Locate v2.3 Copyright (C) 2000 Michel MaXX Kaempf Updated versions of this exploit and the corresponding advisory will be made available at:...