SUSE CVE-2018-20194

There is a stack-based buffer underflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy...

CVE-2020-16273

In Arm software implementing the Armv8-M processors all versions, the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the sta...

DEBIAN-CVE-2022-49611

In the Linux kernel, the following vulnerability has been resolved: x86/speculation: Fill RSB on vmexit for IBRS Prevent RSB underflow/poisoning attacks with RSB. While at it, add a bunch of comments to attempt to document the current state of tribal knowledge about RSB attacks and what exactly i...

PT-2024-25467 · Lunasvg · Lunasvg

Name of the Vulnerable Software and Affected Versions: lunasvg version 2.3.9 Description: A stack-buffer-underflow issue was discovered in lunasvg at lunasvg/source/layoutcontext.cpp. Recommendations: For lunasvg version 2.3.9, at the moment, there is no information about a newer version that...

CVE-2024-22955

swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/swfc.c:2576...

UBUNTU-CVE-2024-22955

swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/swfc.c:2576...

CVE-2024-22562

swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dictforeachkeyvalue at swftools/lib/q.c...

PT-2024-19627 · Swftools · Swftools

Name of the Vulnerable Software and Affected Versions: swftools version 0.9.2 Description: A stack-buffer-underflow issue was discovered in swftools via the parseExpression function at swftools/src/swfc.c:2576. This issue can potentially lead to a denial of service. Recommendations: For swftools...

OESA-2024-1057 espeak-ng security update

The eSpeak NG is a compact open source software text-to-speech synthesizer for Linux, Windows, Android and other operating systems. It supports 70 languages and accents. It is based on the eSpeak engine created by Jonathan Duddington. Security Fixes: Espeak-ng 1.52-dev was discovered to contain a...

OESA-2024-1021 espeak-ng security update

The eSpeak NG is a compact open source software text-to-speech synthesizer for Linux, Windows, Android and other operating systems. It supports 70 languages and accents. It is based on the eSpeak engine created by Jonathan Duddington. Security Fixes: Espeak-ng 1.52-dev was discovered to contain a...

AZL-34675 CVE-2023-49991 affecting package espeak-ng for versions less than 1.52.0-1

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c...

UBUNTU-CVE-2023-49991

Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow via the function CountVowelPosition at synthdata.c...

kernel: KVM: VMX: Prevent RSB underflow before vmenter

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX, there are some balanced returns between the time the guest's SPECCTRL value is written, and the vmenter. Balanced returns matched by a preceding call are usually ok, but it's...

kernel: KVM: VMX: Prevent RSB underflow before vmenter

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Prevent RSB underflow before vmenter On VMX, there are some balanced returns between the time the guest's SPECCTRL value is written, and the vmenter. Balanced returns matched by a preceding call are usually ok, but it's...

PT-2022-36748 · Git +1 · Ghostscript

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-underflow read error. Technical details include the crash type and state, which involve functions such as gs type2...

Mozilla Firefox Security Advisory (MFSA2016-67) - Linux

This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...

Stack overflow

In Arm software implementing the Armv8-M processors all versions, the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the sta...

CVE-2020-16273

The vulnerability CVE-2020-16273 affects Armv8-M processors with the Security Extension. The stack selection mechanism can be influenced by a stack-underflow attack, allowing a non-secure application to alter the Secure World’s stack pointer if the stack isn’t initialized. This is tied to Arm sof...

CVE-2020-16273

In Arm software implementing the Armv8-M processors all versions, the stack selection mechanism could be influenced by a stack-underflow attack in v8-M TrustZone based processors. An attacker can cause a change to the stack pointer used by the Secure World from a non-secure application if the sta...

Microsoft DirectWrite / AFDKO - Interpreter Stack Underflow in OpenType Font Handling Due to Missing CHKUFLOW

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...