63 matches found
GNU Recutils memory leak vulnerability (CNVD-2019-22426)
GNU Recutils is a set of tools and libraries for accessing human-editable plain text databases called recfiles. A memory leak vulnerability exists in recextracttype in rec-utils.c in librec.a in GNU Recutils 1.8. No details of the vulnerability are provided at this time...
UBUNTU-CVE-2019-6459
An issue was discovered in GNU Recutils 1.8. There is a memory leak in recextracttype in rec-utils.c in librec.a...
CVE-2018-1100
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user...
zsh buffer overflow vulnerability
zsh is an interactive command interpreter and command programming language used on Linux systems. A buffer overflow vulnerability exists in the utils.c file in versions of zsh prior to 5.4. An attacker could exploit this vulnerability to execute code or cause a denial of service...
Buffer overflow
In utils.c in zsh before 5.4, symlink expansion had a buffer overflow...
Buffer overflow
In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links...
CVE-2014-10072
CVE-2014-10072 is a buffer overflow in zsh when scanning very long directory paths for symbolic links, occurring in code path utils.c and affecting zsh before 5.0.6 . Multiple connected Nessus/NVD-derived entries corroborate the vulnerability alongside related zsh CVEs, indicating a high-severity...
UBUNTU-CVE-2014-10072
In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links...
uwsgi -- a stack-based buffer overflow
Uwsgi developers report: It was discovered that the uwsgiexpandpath function in utils.c in Unbit uWSGI, an application container server, has a stack-based buffer overflow via a large directory length that can cause a denial-of-service application crash or stack corruption...
CVE-2017-17517
libsylph/utils.c in Sylpheed through 3.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL...
liblouis: Buffer overflow in the function _lou_showString()
There is a buffer overflow in Liblouis 3.2.0, triggered in the function loushowString in utils.c, that will lead to a remote denial of service attack...
Null pointer dereference
The avcolorprimariesname function in libavutil/pixdesc.c in FFmpeg 3.3.3 may return a NULL pointer depending on a value contained in a file, but callers do not anticipate this, as demonstrated by the avcodecstring function in libavcodec/utils.c, leading to a NULL pointer dereference. It is also...
Liblouis Denial of Service Vulnerability
Liblouis is an open source Braille translator and back translator. A denial of service vulnerability exists in the loushowString function in utils.c in Liblouis, which can be exploited by a remote attacker to cause a denial of service...
UBUNTU-CVE-2017-13743
There is a buffer overflow in Liblouis 3.2.0, triggered in the function loushowString in utils.c, that will lead to a remote denial of service attack...
CVE-2017-7865
FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideodecodeblockopcode0xA function in libavcodec/interplayvideo.c and the avcodecaligndimensions2 function in libavcodec/utils.c...
CVE-2017-7865
FFmpeg before 2017-01-24 has an out-of-bounds write caused by a heap-based buffer overflow related to the ipvideodecodeblockopcode0xA function in libavcodec/interplayvideo.c and the avcodecaligndimensions2 function in libavcodec/utils.c...
CVE-2016-9825
CVE-2016-9825 affects libav (libswscale/utils.c) in version 11.8, where remote input can trigger a denial of service by performing a left shift on a negative value. This is described across multiple connected sources as a vulnerability in Libav’s libswscale component that can crash affected appli...
File Roller 'src/file-utils.c' Directory Traversal Vulnerability
File Roller is for the Gnome desktop environment provides a graphical interface to operate the compressed, archived files, similar to the KDE desktop environment, Ark. A target traversal vulnerability exists in File Roller 3.5.4-3.20.2. If the target user opens a malicious document, it can cause...
Design/Logic Flaw
The swsinitcontext function in libswscale/utils.c in FFmpeg before 2.7.2 does not initialize certain pixbuf data structures, which allows remote attackers to cause a denial of service segmentation violation or possibly have unspecified other impact via crafted video data...
CVE-2013-0861
The avcodecdecodeaudio4 function in libavcodec/utils.c in FFmpeg before 1.0.4 and 1.1.x before 1.1.1 allows remote attackers to trigger memory corruption via vectors related to the channel layout...