34 matches found
EUVD-2019-13446
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2025-9396
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function GIstrtollinternal of the file strtoll.c. Performing manipulation...
CVE-2025-9396
A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function GIstrtollinternal of the file strtoll.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be...
SUSE CVE-2025-9396
A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function GIstrtollinternal of the file strtoll.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be...
CVE-2025-9396
A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function GIstrtollinternal of the file strtoll.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be...
DEBIAN-CVE-2025-9396
A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function GIstrtollinternal of the file strtoll.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be...
CVE-2025-9396 ckolivas lrzip strtol_l.c __GI_____strtol_l_internal null pointer dereference
A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function GIstrtollinternal of the file strtoll.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be...
CVE-2025-9396
A security flaw has been discovered in ckolivas lrzip up to 0.651. This impacts the function GIstrtollinternal of the file strtoll.c. Performing manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be...
PT-2025-34574 · Ckolivas · Lrzip
Name of the Vulnerable Software and Affected Versions: ckolivas lrzip versions up to 0.651 Description: A security flaw exists in ckolivas lrzip up to version 0.651. The issue resides in the GI strtol l internal function within the strtol l.c file, leading to a null pointer dereference when...
OSV-2024-322 Container-overflow in strtol
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=68322 Crash type: Container-overflow READ 3 Crash state: strtol Pistache::Http::Private::BodyStep::Chunk::parse Pistache::Http::Private::BodyStep::parseTransferEncoding...
PT-2024-40712 · Pistache · Pistache
Name of the Vulnerable Software and Affected Versions: Pistache affected versions not specified Description: The issue is related to a crash caused by a container-overflow read. Technical details about the crash include the involvement of the strtol function,...
CVE-2021-36159
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the...
K46552732: Wget vulnerability CVE-2017-13089
Security Advisory Description The http.c:skipshortbody function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol to read each chunk's length, but doesn't check that the chunk length is a...
K13288506: Wget vulnerability CVE-2017-13090
Security Advisory Description The retr.c:fdreadbody function is called when processing OK responses. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then...
OSV-2022-93 Heap-buffer-overflow in strtol
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44089 Crash type: Heap-buffer-overflow READ 2 Crash state: strtol parseprimitive plistfromjson...
CVE-2021-36159
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the...
Design/Logic Flaw
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the...
CVE-2021-36159
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the...
CVE-2021-36159
libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the...
Denial Of Service (DoS)
libcurl.so is vulnerable to denial of service DoS. The vulnerability is possible because it does not properly handle the end-of-response for SMTP, leading to an out-of-bounds read if the strtol function is called. Therefore, it causes reading beyond the allocated buffer...