1102 matches found
CVE-2019-1010319
Affected software: WavPack 5.1.0 and earlier. Vulnerability: CVE-2019-1010319 arises from use of an uninitialized variable in the ParseWave64HeaderConfig function (wave64.c:211), which can lead to unexpected control flow, crashes or segfaults. Attack vector: Maliciously crafted WAV files. Impact:...
CVE-2019-1010319
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig wave64.c:211. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
UBUNTU-CVE-2019-1010317
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseCaffHeaderConfig caff.c:486. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
UBUNTU-CVE-2019-1010319
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: ParseWave64HeaderConfig wave64.c:211. The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit...
DEBIAN-CVE-2019-11038
When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...
CVE-2019-11038
When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...
ALPINE-CVE-2019-11038
When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...
CVE-2019-11038
When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...
Code injection
When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...
UBUNTU-CVE-2019-11038
When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...
CVE-2019-11038
CVE-2019-11038 affects the GD Graphics Library (LibGD) 2.2.5 as used in the PHP gd extension. The flaw arises in gdImageCreateFromXbm(), where input data can cause the function to use an uninitialized variable, potentially leaking contents from stack memory. Affected PHP branches are 7.1.x below ...
CVE-2019-11038
When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...
CVE-2019-11038
When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...
CVE-2019-7321
Usage of an uninitialized variable in the function fzloadjpeg in Artifex MuPDF 1.14 can result in a heap overflow vulnerability that allows an attacker to execute arbitrary code...
PT-2019-18527 · Artifex · Artifex Mupdf
Name of the Vulnerable Software and Affected Versions: Artifex MuPDF version 1.14 Description: The issue is related to the usage of an uninitialized variable in the function fz load jpeg, which can result in a heap overflow. This allows an attacker to execute arbitrary code. Recommendations: For...
FFmpeg Uninitialized Variable Usage Vulnerability
FFmpeg is a set of open source computer programs that can be used to record, convert digital audio and video to streams under the LGPL or GPL license. An uninitialized variable usage vulnerability exists in versions of FFmpeg prior to 3.2.14. The vulnerability stems from aareadheader not checking...
CVE-2018-8627
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus,...
CVE-2018-8627
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus,...
Microsoft Excel Information Disclosure Vulnerability (CNVD-2019-02779)
Microsoft Excel is one of the components of Microsoft's office software Microsoft office, a spreadsheet software written and run by Microsoft for computers with Windows and Apple Macintosh operating systems. An information disclosure vulnerability exists in Microsoft Excel. The vulnerability...
3 New Code Execution Flaws Discovered in Atlantis Word Processor
This is why you should always think twice before opening innocent looking email attachments, especially word and pdf files. Cybersecurity researchers at Cisco Talos have once again discovered multiple critical security vulnerabilities in the Atlantis Word Processor that allow remote attackers to...