Lucene search
+L

23 matches found

snyk
snyk
added 2026/06/10 11:12 p.m.10 views

Allocation of Resources Without Limits or Throttling

Overview Magick.NET-Q8-OpenMP-arm64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...

8.7CVSS5.3AI score0.00346EPSS
Exploits0References2
cve
cve
added 2026/02/26 5:30 p.m.28 views

CVE-2026-23747

The CVE affects Golioth Firmware SDK versions 0.10.0 up to 0.21.x (fixed in v0.22.0). A stack-based buffer overflow occurs in Payload Utils via golioth_payload_as_int() and golioth_payload_as_float(), which copy network-provided payload data into fixed-size stack buffers using memcpy() with a len...

6.3CVSS5.8AI score0.00297EPSS
Exploits0References5
cnnvd
cnnvd
added 2026/01/10 12:0 a.m.5 views

HarfBuzz 安全漏洞

HarfBuzz is HarfBuzz open source a text engine for OpenType fonts. HarfBuzz version before 12.3.0 has a security vulnerability , the vulnerability stems from the SubtableUnicodesCache::create function does not check the hbmalloc return value , which may lead to null pointer dereferencing and...

5.3CVSS6.4AI score0.00377EPSS
Exploits1References4
osv
osv
added 2025/11/05 6:41 p.m.5 views

GO-2025-4087 Unchecked memory allocation during vector deserialization in github.com/consensys/gnark-crypto

Unchecked memory allocation during vector deserialization in github.com/consensys/gnark-crypto...

7.1AI score
Exploits0References4
euvd
euvd
added 2025/10/30 5:10 p.m.5 views

EUVD-2025-37035

gnark-crypto allows unchecked memory allocation during vector deserialization...

6.5AI score
Exploits0References4
github
github
added 2025/10/30 5:10 p.m.11 views

gnark-crypto allows unchecked memory allocation during vector deserialization

The issue has been reported by @raefko from @fuzzinglabs. Excerpts from the report: A critical vulnerability exists in the gnark-crypto library's Vector.ReadFrom function that allows an attacker to trigger arbitrary memory allocation by crafting malicious input data. An attacker can cause the...

7.4AI score
Exploits0References5Affected Software1
veracode
veracode
added 2025/05/06 1:6 p.m.13 views

Denial Of Service (DoS)

net-imap is vulnerable to Denial Of Service DoS. The vulnerability is due to memory exhaustion due to automatic and unchecked memory allocation when handling large 'literal' byte counts in server responses from untrusted IMAP servers...

6.5CVSS6.5AI score0.00412EPSS
Exploits0References10Affected Software2
bdu_fstec
bdu_fstec
added 2024/05/28 12:0 a.m.5 views

The vulnerability of the `vidtv_s302m_encoder_init()` function in the `drivers/media/test-drivers/vidtv/vidtv_s302m.c` file of the Vidtv driver for the Linux operating system, which allows a hacker to cause a service failure.

The vulnerability of the vidtvs302mencoderinit function in the drivers/media/test-drivers/vidtv/vidtvs302m.c file of the Vidtv driver for the Linux operating system is related to the lack of code checks for the vzalloc function’s return value. Exploiting this vulnerability could allow an attacker...

5.5CVSS6.8AI score0.00224EPSS
Exploits0References11Affected Software2
susecve
susecve
added 2023/02/15 4:35 a.m.3 views

SUSE CVE-2017-18210

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked...

9.8CVSS6.9AI score0.02546EPSS
Exploits0References3
susecve
susecve
added 2023/02/15 3:31 a.m.6 views

SUSE CVE-2022-3104

An issue was discovered in the Linux kernel through 5.16-rc6. lkdtmARRAYBOUNDS in drivers/misc/lkdtm/bugs.c lacks check of the return value of kmalloc and will cause the null pointer dereference...

5.5CVSS6.7AI score0.00227EPSS
Exploits0References9
redhat
redhat
added 2022/05/10 1:43 p.m.3 views

kernel: sfc_ef100: NULL pointer dereference in ef100_update_stats()

An issue was discovered in the Linux kernel through 5.16-rc6. ef100updatestats in drivers/net/ethernet/sfc/ef100nic.c lacks check of the return value of kmalloc...

5.5CVSS6.7AI score0.00214EPSS
Exploits0References4
prion
prion
added 2020/06/02 3:15 p.m.24 views

Buffer overflow

Buffer overflow in display function due to memory copy without checking length of size using strcpy function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017,...

7.2CVSS7.8AI score0.00226EPSS
Exploits0References1
cnvd
cnvd
added 2019/10/09 12:0 a.m.3 views

MPC-HC Buffer Overflow Vulnerability

MPC-HC is an open source media player based on the Windows platform by the MPC-HC team. A buffer overflow vulnerability exists in MPC-HC 1.7.13 and earlier versions, which originates when a networked system or product performs an operation in memory without properly validating the data boundaries...

7.8CVSS7.3AI score0.00428EPSS
Exploits0References1
cnvd
cnvd
added 2019/08/14 12:0 a.m.4 views

ESTsoft Alzip Buffer Overflow Vulnerability (CNVD-2020-17027)

ESTsoft Alzip is a compression/decompression application from ESTsoft Korea that supports multiple formats. A buffer overflow vulnerability exists in ESTsoft Alzip 10.83 and prior versions, which originates when a networked system or product performs an operation in memory without properly...

7.8CVSS7.4AI score0.0162EPSS
Exploits0References1
bdu_fstec
bdu_fstec
added 2019/07/18 12:0 a.m.5 views

The vulnerability of the gsskrb5_extract_authz_data_from_sec_context_ex function in the gssapi module of the Secret Net Studio security system allows a attacker to cause a service failure.

The vulnerability of the gsskrb5extractauthzdatafromseccontextex function in the gssapi module of the Secret Net Studio security system is related to the lack of checks for the execution of the memory allocation command. Exploiting this vulnerability could allow a remote attacker to cause service...

2.2CVSS5.8AI score
Exploits0Affected Software1
cnvd
cnvd
added 2019/07/17 12:0 a.m.4 views

moinejf abcm2ps buffer overflow vulnerability

moinejf abcm2ps is a command line program that converts music tunes from ABC notation to PostScript or SVG format. The 'getkey' function in the parse.c file and the 'delayedoutput' function in the music.c file in moinejf abcm2ps 8.13.16 and earlier versions have a Buffer Overflow Vulnerability. T...

7.5AI score
Exploits0References1
cnvd
cnvd
added 2019/07/17 12:0 a.m.19 views

Quake3e Buffer Overflow Vulnerability

Quake3e is a Quake III Arena game engine. A buffer overflow vulnerability exists in versions prior to Quake3e 5ed740d. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting in incorrect read and write...

9.8CVSS7.3AI score0.02306EPSS
Exploits0References1
osv
osv
added 2019/05/28 3:29 a.m.6 views

CVE-2019-12378

An issue was discovered in ip6racontrol in net/ipv6/ipv6sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of newra, which might allow an attacker to cause a denial of service NULL pointer dereference and system crash. NOTE: This has been disputed as not an issue...

5.5CVSS5.9AI score
Exploits0References5
redhat
redhat
added 2014/12/11 7:41 p.m.5 views

xorg-x11-server: denial of service due to unchecked malloc in client authentication

It was found that the X.Org server did not properly handle SUN-DES-1 Secure RPC authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request...

4.3CVSS6.8AI score0.04189EPSS
Exploits0References5
nessus
nessus
added 2011/01/27 12:0 a.m.24 views

SuSE 10 Security Update : amarok (ZYPP Patch Number 5931)

This update of amarok fixes several integer overflows and unchecked memory allocations that can be exploited by malformed Audible digital audio files. These bugs could be used in a user-assisted attack scenario to execute arbitrary code remotely. CVE-2009-0135 / CVE-2009-0136 %NASLMINLEVEL 70300 ...

9.3CVSS5.9AI score0.06903EPSS
Exploits2References4
Rows per page
Query Builder