22 matches found
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: usb: early: xhci-dbc: Fixed a potential out-of-bound memory access issue. If xdbcbulkwrite fails, the values in ‘buf’ can be anything. Therefore, the string is not guaranteed to be NULL-terminated when xdbcTrace is called. Reserv...
EUVD-2026-25193
Libgcrypt before 1.12.2 mishandles Dilithium signing. Writes to a static array lack a bounds check but do not use attacker-controlled data...
CVE-2026-22184
zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz...
EUVD-2021-8984
Malicious code in bioql PyPI...
SUSE CVE-2025-48386
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
ALPINE-CVE-2025-48386
Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. The wincred credential helper uses a static buffer target as a unique key for storing and comparing against internal storage. This...
Stack overflow
Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflo...
Stack overflow
A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs' Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to...
CVE-2021-21812
A stack-based buffer overflow vulnerability exists in the command-line-parsing HandleFileArg functionality of AT&T Labs’ Xmill 0.7. Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to...
Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream
We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 188c.47fc: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This...
Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream
Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- 188c.47fc: Access violation - code...
MGASA-2017-0366 Updated x11-server packages fix security vulnerabilities
In Xext/shm, the shmseg resource id can belong to a non-existing client and abort X server with FatalError "client not in use", or overwrite existing segment of another existing client CVE-2017-13721. Generating strings for XKB data used a single shared static buffer, which offered several...
FreeBSD -- link_ntoa(3) buffer overflow
Problem Description: A specially crafted argument can trigger a static buffer overflow in the library, with possibility to rewrite following static buffers that belong to other library functions. Impact: Due to very limited use of the function in the existing applications, and limited length of t...
Wireshark - my_dgt_tbcd_unpack Static Buffer Overflow
Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=649 The following crash due to a static buffer overflow can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tsha...
Wireshark - my_dgt_tbcd_unpack Static Buffer Overflow
Wireshark - mydgttbcdunpack Static Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=649 The following crash due to a static buffer overflow can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshar...
FreeBSD : plib -- buffer overflow (13bf0602-c08a-11e2-bb21-083e8ed0f47b)
Secunia reports : A vulnerability has been discovered in PLIB, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to a boundary error within the 'ulSetError' function src/util/ulError.cxx when creating the error message, whic...
HP OpenView NNM ovwebsnmpsrv.exe Command Line Argument Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard OpenView Network Node Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ovwebsnmpsrv.exe process which can be reached remote...
Mandriva Update for SDL_image MDVSA-2008:040 (SDL_image)
Check for the Version of SDLimage OpenVAS Vulnerability Test Mandriva Update for SDLimage MDVSA-2008:040 SDLimage Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow
ZDI-08-043: Sun Java Web Start vm args Stack Buffer Overflow http://www.zerodayinitiative.com/advisories/ZDI-08-043 July 17, 2008 -- Affected Vendors: Sun Microsystems -- Affected Products: Sun Microsystems Java Runtime -- TippingPointTM IPS Customer Protection: TippingPoint IPS customers have be...
sdl_image -- buffer overflow vulnerabilities
Secunia reports: Two vulnerabilities have been reported in SDLimage, which can be exploited by malicious people to cause a Denial of Service or potentially compromise an application using the library. A boundary error within the LWZReadByte function in IMGgif.c can be exploited to trigger the...