GHSA-MX67-WV8X-HVV9 Deserialization of Untrusted Data in msgpack

Withdrawn This advisory was withdrawn by its CNA Snyk. Original advisory All versions of package msgpack are vulnerable to Deserialization of Untrusted Data via the unpack function. This does not affect the similarly named package @msgpack/msgpack...

UPX Heap Buffer Overflow Vulnerability

UPX is a portable and extensible executable compression program. A buffer overflow vulnerability exists in the 'canUnpack' function of the pmach.cpp file in UPX version 3.95. The vulnerability stems from a networked system or product performing operations in memory without properly validating dat...

Null pointer dereference

An error within the "LibRaw::unpack" function src/librawcxx.cpp in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference...

CVE-2018-5801

An error within the "LibRaw::unpack" function src/librawcxx.cpp in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference...

CVE-2018-5801

An error within the "LibRaw::unpack" function src/librawcxx.cpp in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference...

CVE-2018-5801

An error within the "LibRaw::unpack" function src/librawcxx.cpp in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference...

LibRaw 'LibRaw::unpack' function null pointer backreference vulnerability

LibRaw is a C++ library for processing RAW CRW/CR2, NEF, RAF, DNG and others format images. A null pointer back-reference vulnerability exists in the 'LibRaw::unpack' function src/librawcxx.cpp file in versions of LibRaw prior to 0.18.7. An attacker can exploit this vulnerability with a specially...

Denial Of Service (DoS)

libraw.so is vulnerable to denial of service DoS attacks. The attack can be triggered due to a flaw in unpack function src/librawcxx.cpp, causing null pointer dereferencing...

CVE-2018-11243

PackLinuxElf64::unpack in plxelf.cpp in UPX 3.95 allows remote attackers to cause a denial of service double free, limit the ability of a malware scanner to operate on the entire original data, or possibly have unspecified other impact via a crafted file...

PT-2017-14606 · Upx +1 · Upx +1

Name of the Vulnerable Software and Affected Versions: UPX version 3.94 Description: The issue allows remote attackers to cause a denial of service, resulting in invalid memory access and application crash, or possibly have other unspecified impacts via a crafted Mach-O file. This is related to t...

PT-2017-13841 · Upx Team +1 · Upx +1

Name of the Vulnerable Software and Affected Versions: UPX version 3.94 Description: The issue is related to the handling of ELF headers in the p lx elf.cpp file, which can be exploited by remote attackers using a crafted binary file. This exploitation can lead to a denial of service, causing the...

UnRAR 'Unpack::LongLZ' Function Buffer Overflow Vulnerability

UnRAR is a command line document decompression program for use on Windows and Linux platforms. A buffer overflow vulnerability in the 'Unpack::LongLZ' function of the UnRAR libunrar.a file allows remote attackers to exploit the vulnerability to construct a malicious file that can be parsed by the...

UBUNTU-CVE-2017-12941

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function...

DEBIAN-CVE-2017-9831

An integer overflow vulnerability in the ptpunpackEOSCustomFuncEx function of the ptp-pack.c file of libmtp version 1.1.12 and below allows attackers to cause a denial of service out-of-bounds memory access or maybe remote code execution by inserting a mobile device into a personal computer throu...

CVE-2013-2126

Multiple double free vulnerabilities in the LibRaw::unpack function in librawcxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service application crash and possibly execute arbitrary code via a malformed full-color 1 Foveon or 2 sRAW image file...

DEBIAN-CVE-2013-2126

Multiple double free vulnerabilities in the LibRaw::unpack function in librawcxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service application crash and possibly execute arbitrary code via a malformed full-color 1 Foveon or 2 sRAW image file...

Double free

Multiple double free vulnerabilities in the LibRaw::unpack function in librawcxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service application crash and possibly execute arbitrary code via a malformed full-color 1 Foveon or 2 sRAW image file...

CVE-2013-2126

Multiple double free vulnerabilities in the LibRaw::unpack function in librawcxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service application crash and possibly execute arbitrary code via a malformed full-color 1 Foveon or 2 sRAW image file...

UBUNTU-CVE-2013-2126

Multiple double free vulnerabilities in the LibRaw::unpack function in librawcxx.cpp in LibRaw before 0.15.2 allow context-dependent attackers to cause a denial of service application crash and possibly execute arbitrary code via a malformed full-color 1 Foveon or 2 sRAW image file...

PHP unpack()函数中断处理信息泄露漏洞

CVE ID: CVE-2010-2191 PHP是广泛使用的通用目的脚本语言，特别适合于Web开发，可嵌入到HTML中。 PHP的unpack函数中存在信息泄露漏洞： char format, input, formatarg, inputarg; int formatlen, formatarglen, inputarglen; int inputpos, inputlen, i; if zendparseparametersZENDNUMARGS TSRMLSCC, "ss", &formatarg, &formatarglen, &inputarg, &inputarglen =...