Cisco Secure Endpoint 安全漏洞

Cisco Secure Endpoint Cisco AMP for Endpoints is a terminal application developed by Cisco, Inc., that integrates static and dynamic malware analysis along with threat intelligence. There is a security vulnerability in Cisco Secure Endpoint, which stems from improper error handling during the...

UBUNTU-CVE-2024-6197

libcurl's ASN1 parser has this utf8asn1str function used for parsing an ASN.1 UTF-8 string. Itcan detect an invalid field and return error. Unfortunately, when doing so it also invokes free on a 4 byte localstack buffer. Most modern malloc implementations detect this error and immediately abort...

UBUNTU-CVE-2022-22895

Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via ecmautf8stringtonumberbyradix in /jerry-core/ecma/base/ecma-helpers-conversion.c...

GPAC 缓冲区错误漏洞

GPAC is a multimedia framework for rich media and is distributed under the LGPL license. a heap buffer overflow vulnerability exists in the ODReadUTF8String function in odfcode.c in GPAC version 0.8.0. An attacker could exploit the vulnerability to cause a denial of service via specially crafted...

UBUNTU-CVE-2020-36317

In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sa...

nodejs: memory corruption in napi_get_value_string_* functions

A flaw was found in nodejs. Calling napigetvaluestringlatin1, napigetvaluestringutf8, or napigetvaluestringutf16 with a non-NULL buf, and a bufsize of 0 will cause the entire string value to be written to buf, probably overrunning the length of the buffer...

DEBIAN-CVE-2018-16429

GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in gmarkupparsecontextparse in gmarkup.c, related to utf8str...

UBUNTU-CVE-2018-16429

GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in gmarkupparsecontextparse in gmarkup.c, related to utf8str...

glibc: fnmatch() alloca()-based memory corruption flaw

The GNU C Library aka glibc or libc6 before 2.12.2 and Embedded GLIBC EGLIBC allow context-dependent attackers to execute arbitrary code or cause a denial of service memory consumption via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to...

DEBIAN-CVE-2011-1071

The GNU C Library aka glibc or libc6 before 2.12.2 and Embedded GLIBC EGLIBC allow context-dependent attackers to execute arbitrary code or cause a denial of service memory consumption via a long UTF8 string that is used in an fnmatch call, aka a "stack extension attack," a related issue to...

glibc: fnmatch() alloca()-based memory corruption flaw

Integer overflow in posix/fnmatch.c in the GNU C Library aka glibc or libc6 2.13 and earlier allows context-dependent attackers to cause a denial of service application crash via a long UTF8 string that is used in an fnmatch call with a crafted pattern argument, a different vulnerability than...