Null pointer dereference

A null pointer dereference issue was found in Libtiff's tifdir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial o...

CVE-2023-2908 Libtiff: null pointer dereference in tif_dir.c

A null pointer dereference issue was found in Libtiff's tifdir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial o...

CVE-2023-2908 Libtiff: null pointer dereference in tif_dir.c

A null pointer dereference issue was found in Libtiff's tifdir.c file. This issue may allow an attacker to pass a crafted TIFF image file to the tiffcp utility which triggers a runtime error that causes undefined behavior. This will result in an application crash, eventually leading to a denial o...

snappy-java's Integer Overflow vulnerability in compress leads to DoS

Summary Due to unchecked multiplications, an integer overflow may occur, causing an unrecoverable fatal error. Impact Denial of Service Description The function compresschar...

Integer Overflow in tjexample.c

Description The tjexample.c example program uses tjAlloc function to allocate the output buffer of the JPEG buffer. tjAlloc uses malloc which takes a sizet number of bytes an unsigned integer. However, tjAlloc itself takes the number of bytes as a signed integer:...

Potential Division by Zero in utilizationRate method

Lines of code Vulnerability details Impact In the case where cash + borrows - reserves equals 0, the function would try to divide by zero which will result in a runtime error. Proof of Concept An attacker might manipulate the state of the contract to where cash + borrows - reserves equals zero...

Division by Zero Vulnerability in _calculateNewRewards function.

Lines of code Vulnerability details Impact The calculateNewRewards function in the smart contract performs a division operation with totalInterestEarnedInPeriod, which could be zero, but there is a problem that can result in a division-by-zero error, causing the smart contract to behave...

Citrix Workspace App installation fails on Windows Server 2012 R2

Citrix Workspace App CWA version 2109 and above will fail to install on Windows Server 2012 R2 Systems with the error "Unable to install the following prerequisites. Install them manually and then try to install Citrix workspace App again.” Microsoft Edge Webview2 Runtime: Error Code: -2147219198...

SUSE CVE-2018-17075

The html package aka x/net/html before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of , , or . This is related to HTMLTreeBuilder.cpp in WebKit...

SUSE CVE-2018-17143

The html package aka x/net/html through 2018-09-17 in Go mishandles , leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call...

SUSE CVE-2018-17847

The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to a "panic: runtime error" index out of range in nodeStack.pop in node.go, called from parser.clearActiveFormattingElements, during an html.Parse call...

buffer over-read in function mhas_dmx_process filters/reframe_mhas.c

Version ➜ gcc git:master ✗ ./MP4Box -version MP4Box - GPAC version 2.3-DEV-rev40-g3602a5ded-master c 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io Please cite our work in your research: GPAC Filters: https://doi.org/10.1145/3339825.3394929 GPAC:...

off-by-one error in function gf_text_get_utf8_line filters/load_text.c

Version MP4Box - GPAC version 2.3-DEV-rev40-g3602a5ded-master c 2000-2023 Telecom Paris distributed under LGPL v2.1+ - http://gpac.io Please cite our work in your research: GPAC Filters: https://doi.org/10.1145/3339825.3394929 GPAC: https://doi.org/10.1145/1291233.1291452 GPAC Configuration:...

Denial of Service in dhowden/tag

dhowden tag before 0.0.0-20201120070457-d52dcb253c63 allows panic: runtime error: index out of range via readPICFrame...

NULL Pointer Dereference

Environment bash Distributor ID: Debian Description: Debian GNU/Linux bookworm/sid Release: n/a Codename: bookworm Version I checked against the latest release as of 12/27/22 version 5.8.0 and the current master branch at commit 031da1be8f6c9aa55f6e4e76df962d2c85dc32e8 . Description This...

Need to check the validity of _blockNumber.

Lines of code Vulnerability details Impact The validity of blockNumber is not checked before hand, and thus would result in runtime error. Proof of Concept Tools Used Recommended Mitigation Steps It is suggested to add the following codes before the linked code at if blockNumber = block.number...

golang.org/x/net/html Improper Validation of Array Index vulnerability

The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to a "panic: runtime error" index out of range in insertionModeStack.pop in node.go, called from inHeadIM, during an html.Parse call...

golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer

The html package aka x/net/html through 2018-09-25 in Go mishandles , leading to a panic: runtime error index out of range in nodeStack.pop in node.go, called from parser.clearActiveFormattingElements, during an html.Parse call...

GHSA-FCF9-6FV2-FC5V golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer

The html package aka x/net/html through 2018-09-17 in Go mishandles , leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call...

golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer

The html package aka x/net/html through 2018-09-17 in Go mishandles , leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call...