Lucene search
K

11 matches found

Snyk
Snyk
added 2026/06/18 10:13 p.m.5 views

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow via the htundoimpl function. An attacker can cause a crash and potentially leak adjacent heap memory by supplying a crafted EXR file with mismatched channel width and buffer length. Remediation Upgrade openexr...

8.3CVSS6.1AI score0.00263EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/05/24 12:0 a.m.5 views

Rust 安全漏洞

Rust is a general-purpose, compiled programming language from the Mozilla Foundation in the United States. A security vulnerability exists in Rust that stems from a possible overflow in groupnumber, where a hardware device may expect a small number of bits to be used to represent a group number...

2.9CVSS6.6AI score0.00276EPSS
Exploits1References3
OSV
OSV
added 2025/01/31 12:15 p.m.11 views

UBUNTU-CVE-2025-21667

In the Linux kernel, the following vulnerability has been resolved: iomap: avoid avoid truncating 64-bit offset to 32 bits on 32-bit kernels, iomapwritedelallocscan was inadvertently using a 32-bit position due to folionextindex returning an unsigned long. This could lead to an infinite loop when...

5.5CVSS6.2AI score0.00202EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2023/02/15 4:42 a.m.3 views

SUSE CVE-2017-11643

GraphicsMagick 1.3.26 has a heap overflow in the WriteCMYKImage function in coders/cmyk.c when processing multiple frames that have non-identical widths...

7CVSS7.4AI score0.02218EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added 2021/12/08 10:2 a.m.2 views

Mozilla: Heap buffer overflow when using structured clone

The Mozilla Foundation Security Advisory describes this flaw as: An incorrect type conversion of sizes from 64bit to 32bit integers allowed an attacker to corrupt memory leading to a potentially exploitable crash...

8.8CVSS7.3AI score0.0202EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/11/09 5:42 p.m.3 views

python-pillow: Out-of-bounds read in J2K image reader

There is an out-of-bounds read in J2kDecode in j2kugrayala. For J2k images with multiple bands, it’s legal to have different widths for each band, e.g. 1 byte for L, 4 bytes for A...

9.1CVSS5.8AI score0.02876EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/03/31 9:13 p.m.12 views

poppler: heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc

In Poppler through 0.76.1, there is a heap-based buffer over-read in JPXStream::init in JPEG2000Stream.cc via data with inconsistent heights or widths...

8.8CVSS5.9AI score0.02527EPSS
Exploits1References4
OSV
OSV
added 2018/01/16 9:29 a.m.6 views

ALPINE-CVE-2018-5709

An issue was discovered in MIT Kerberos 5 aka krb5 through 1.16. There is a variable "dbentry-nkeydata" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect...

7.5CVSS6.9AI score0.02067EPSS
Exploits0References1
OSV
OSV
added 2017/05/21 7:29 p.m.3 views

DEBIAN-CVE-2017-9117

In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the...

9.8CVSS8.2AI score0.02221EPSS
Exploits1References1
OSV
OSV
added 2016/11/22 12:0 a.m.3 views

UBUNTU-CVE-2016-9540

tools/tiffcp.c in libtiff 4.0.6 has an out-of-bounds write on tiled images with odd tile width versus image width. Reported as MSVR 35103, aka "cpStripToTile heap-buffer-overflow."...

9.8CVSS6.9AI score0.03631EPSS
Exploits0References3
OSV
OSV
added 2015/01/16 8:59 p.m.3 views

DEBIAN-CVE-2014-9603

The vmddecode function in libavcodec/vmdvideo.c in FFmpeg before 2.5.2 does not validate the relationship between a certain length value and the frame width, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via crafted...

7.5CVSS7.6AI score0.01969EPSS
Exploits0References1
Rows per page
Query Builder