CVE-2021-26825

An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::loadimage function at line: const sizet buffersize = tgaheader.imagewidth tgaheader.imageheight pixelsize; The bug leads to...

Integer overflow

An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::loadimage function at line: const sizet buffersize = tgaheader.imagewidth tgaheader.imageheight pixelsize; The bug leads to...

CVE-2021-26825

An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::loadimage function at line: const sizet buffersize = tgaheader.imagewidth tgaheader.imageheight pixelsize; The bug leads to...

CVE-2021-26825

CVE-2021-26825 affects Godot Engine up to v3.2. The vulnerability is in ImageLoaderTGA::load_image(), where the buffer_size is computed as (tga_header.image_width * tga_header.image_height) * pixel_size, causing a dynamic stack buffer overflow. Impact: potential code execution and/or crash, with ...

OSV-2021-304 Stack-buffer-overflow in processClientServerHello

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30393 Crash type: Stack-buffer-overflow WRITE 6 Crash state: processClientServerHello processTLSBlock ndpisearchtlstcp...

Gitea Stack Buffer Overflow Vulnerability

Gitea is an open source community-driven clone of Gogs, a lightweight code hosting solution with a backend written in Go under the MIT license. A stack buffer overflow vulnerability exists in gitea versions 1.9.0 through 1.13.1. A remote attacker can exploit this vulnerability to cause a denial o...

Fortinet FortiWeb Stack Buffer Overflow Vulnerability

Fortinet FortiWeb is a Web application layer firewall from the U.S. company Fita Fortinet, which can block threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks to ensure the security of Web applications and protect sensitive database content. A...

CVE-2021-3382

Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service crash via vectors related to a file path...

CVE-2021-3382

Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service crash via vectors related to a file path...

CVE-2021-3382

The CVE concerns Gitea versions 1.9.0 through 1.13.1, where a stack buffer overflow vulnerability allows remote attackers to cause a denial of service (crash) via vectors related to a file path. The connected data consistently describe this as a stack-based overflow affecting gitea in that versio...

CVE-2021-3382

Stack buffer overflow vulnerability in gitea 1.9.0 through 1.13.1 allows remote attackers to cause a denial of service crash via vectors related to a file path...

Gitea 缓冲区错误漏洞

Gitea is an open source community-driven clone of Gogs, a lightweight code hosting solution with a backend written in Go under the MIT license. A stack buffer overflow vulnerability exists in gitea versions 1.9.0 through 1.13.1. A remote attacker can exploit this vulnerability to cause a denial o...

CVE-2020-25856

The function DecWPA2KeyData in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for an rtlmemcpy operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of...

CVE-2020-25854

The function DecWPA2KeyData in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for an internal function, rtarc4cryptveneer or AESUnWRAPveneer, resulting in a stack buffer overflow which can be exploited for...

CVE-2020-25854

The CVE-2020-25854 issue affects Realtek RTL8195A Wi‑Fi Module before April 2020 (up to but excluding 2.08). The DecWPA2KeyData() path does not validate the size for internal veneers rt_arc4_crypt_veneer() or _AES_UnWRAP_veneer(), causing a stack buffer overflow that can enable remote code execut...

CVE-2020-25854

The function DecWPA2KeyData in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for an internal function, rtarc4cryptveneer or AESUnWRAPveneer, resulting in a stack buffer overflow which can be exploited for...

CVE-2020-25855

The function AESUnWRAP in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for a memcpy operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An...

CVE-2020-25856

The function DecWPA2KeyData in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 up to and excluding 2.08 does not validate the size parameter for an rtlmemcpy operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of...

CVE-2020-25856

Summary: CVE-2020-25856 affects Realtek RTL8195A Wi‑Fi Module. A stack buffer overflow exists in DecWPA2KeyData() due to unvalidated size in an rtl_memcpy() call for versions released before April 2020 (up to and excluding 2.08). This can be exploited to achieve remote code execution or denial of...

Stack overflow

In aee, there is a possible memory corruption due to a stack buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05457070...