Lucene search
K

59 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:5 a.m.5 views

SUSE CVE-2016-3074

Integer signedness error in GD Graphics Library 2.1.1 aka libgd or libgd2 allows remote attackers to cause a denial of service crash or potentially execute arbitrary code via crafted compressed gd2 data, which triggers a heap-based buffer overflow...

9.8CVSS8.2AI score0.36974EPSS
Exploits8References5
SUSE CVE
SUSE CVE
added 2023/02/15 4:30 a.m.4 views

SUSE CVE-2018-6412

In the function sbusfbioctlhelper in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary information leakage for the FBIOPUTCMAPSPARC and FBIOGETCMAPSPARC commands...

7.5CVSS7.6AI score0.02379EPSS
Exploits0References3
NVD
NVD
added 2020/11/30 6:15 p.m.19 views

CVE-2020-28926

ReadyMedia aka MiniDLNA before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

9.8CVSS10AI score0.14344EPSS
Exploits1References4
OSV
OSV
added 2020/11/30 6:15 p.m.2 views

DEBIAN-CVE-2020-28926

ReadyMedia aka MiniDLNA before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

9.8CVSS9.3AI score0.14344EPSS
Exploits1References1
Prion
Prion
added 2020/11/30 6:15 p.m.24 views

Buffer overflow

ReadyMedia aka MiniDLNA before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

7.5CVSS9.8AI score0.14344EPSS
Exploits1References4Affected Software2
UbuntuCve
UbuntuCve
added 2020/11/30 6:15 p.m.37 views

CVE-2020-28926

ReadyMedia aka MiniDLNA before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

9.8CVSS7.3AI score0.14344EPSS
Exploits1References5
CVE
CVE
added 2020/11/30 5:9 p.m.196 views

CVE-2020-28926

CVE-2020-28926 affects ReadyMedia (MiniDLNA) prior to 1.3.0 and enables remote code execution via a malicious UPnP HTTP request using HTTP chunked encoding, triggering a signedness bug that leads to a buffer overflow in memcpy/memmove. Multiple connected advisories confirm the issue and provide f...

9.8CVSS9.7AI score0.14344EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2020/11/30 5:9 p.m.31 views

CVE-2020-28926

ReadyMedia aka MiniDLNA before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

9.9AI score0.14344EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2020/11/30 5:9 p.m.45 views

CVE-2020-28926

ReadyMedia aka MiniDLNA before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove...

9.8CVSS10AI score0.14344EPSS
Exploits1
OSV
OSV
added 2020/03/16 6:15 p.m.7 views

CVE-2019-19945

uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large...

7.5CVSS5.8AI score0.01551EPSS
Exploits0References2
OSV
OSV
added 2018/01/16 9:29 a.m.3 views

ALPINE-CVE-2018-5711

gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or...

5.5CVSS6.9AI score0.13204EPSS
Exploits1References1
OSV
OSV
added 2018/01/16 12:0 a.m.3 views

UBUNTU-CVE-2018-5711

gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or...

5.5CVSS6.6AI score0.13204EPSS
Exploits1References5
OSV
OSV
added 2017/09/07 6:29 a.m.2 views

DEBIAN-CVE-2017-14169

In the mxfreadprimerpack function in libavformat/mxfdec.c in FFmpeg 3.3.3 - 2.4, an integer signedness error might occur when a crafted file, which claims a large "itemnum" field such as 0xffffffff, is provided. As a result, the variable "itemnum" turns negative, bypassing the check for a large...

8.8CVSS8.4AI score0.02575EPSS
Exploits0References1
exploitpack
exploitpack
added 2012/08/01 12:0 a.m.86 views

eGlibc - Signedness Code Execution

eGlibc - Signedness Code Execution Exploit Title: eGlibc Signedness Vulnerability Date: November 2011 Exploit Author: c0ntex Vendor Homepage: http://www.eglibc.org Software Link: http://www.eglibc.org/home Version: eGlibc supplied by Ubuntu 10.4 LTS Tested on: Ubuntu 10.4 LTS CVE : CVE-2011-2702 ...

6.8CVSS0.5AI score0.08458EPSS
Exploits6
RedHat Linux
RedHat Linux
added 2011/10/20 5:20 p.m.9 views

kernel: cifs: signedness issue in CIFSFindNext()

Integer signedness error in the CIFSFindNext function in fs/cifs/cifssmb.c in the Linux kernel before 3.1 allows remote CIFS servers to cause a denial of service memory corruption or possibly have unspecified other impact via a large length value in a response to a read request for a directory...

8.8CVSS7.5AI score0.01077EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2011/05/10 6:7 p.m.11 views

kernel: drm_modeset_ctl signedness issue

Integer signedness error in the drmmodesetctl function in 1 drivers/gpu/drm/drmirq.c in the Direct Rendering Manager DRM subsystem in the Linux kernel before 2.6.38 and 2 sys/dev/pci/drm/drmirq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operations, and...

7.2CVSS5.9AI score0.00407EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2010/12/29 12:0 a.m.5 views

PT-2010-1054 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.36.2 kernel-devel-2.6.9 version kernel-doc-2.6.9 version kernel-hugemem-2.6.9 version kernel-2.6.9 version kernel-largesmp-2.6.9 version kernel-smp-devel-2.6.9 version kernel-smp-2.6.9 version...

10CVSS5.7AI score0.05542EPSS
Exploits23References85
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.25 views

openSUSE 10 Security Update : freetype2 (freetype2-3744)

This update of freetype2 fixes an integer signedness bug when handling TTF images. This bug can lead to a heap overflow that can be exploited to execute arbitrary code. CVE-2007-2754 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

6.8CVSS5.9AI score0.05833EPSS
Exploits1References1
securityvulns
securityvulns
added 2004/06/29 12:0 a.m.27 views

DLINK 614+ - SOHO routers, DHCP service DOS

TITLE: DLINK 614+ - SOHO routers, DHCP service DOS http://www.dlink.com TYPE: signedness bug QUOTE from DLINK: The AirPlus DI-614+ combines the latest advancements in 802.11b silicon chip design from Texas Instruments, utilizing their patented Digital Signal ProcessingTM technology, and D-Link?s...

7.3AI score
Exploits0
Rows per page
Query Builder