libredwg 缓冲区错误漏洞

libredwg is a free implementation of the DWG file format. A buffer error vulnerability exists in libredwg version 0.12.5, which stems from the bitwriteTF function containing a heap buffer overflow vulnerability...

The vulnerability of the erase-write function in Cisco NX-OS and Cisco FXOS operating systems of Cisco devices allows attackers to increase their privileges.

The vulnerability of the erase-write function in Cisco NX-OS and Cisco FXOS operating systems in Cisco devices is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

SUSE CVE-2023-31082

An issue was discovered in drivers/tty/ngsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmldwrite, which will block the kernel. Note: This has been disputed by 3rd parties as not a valid vulnerability...

SUSE CVE-2019-19252

vcswrite in drivers/tty/vt/vcscreen.c in the Linux kernel through 5.3.13 does not prevent write access to vcsu devices, aka CID-0c9acb1af77a...

PT-2022-23530 · Xhyve · Xhyve

Name of the Vulnerable Software and Affected Versions: xhyve version dfbe09b Description: The issue is related to a NULL pointer dereference via the vi pci write component. This allows attackers to cause a Denial of Service via unspecified vectors. Recommendations: For xhyve version dfbe09b,...

PT-2022-22484 · Pngdec · Pngdec

Name of the Vulnerable Software and Affected Versions: PNGDec version prior to the version that includes the fix for the issue in commit 8abf6be Description: A heap buffer overflow issue was discovered in PNGDec via the interceptor fwrite.part.57 function at sanitizer common interceptors.inc...

AZL-45270 CVE-2022-31650 affecting package sox 14.4.2.0-34

In SoX 14.4.2, there is a floating-point exception in lsxaiffstartwrite in aiff.c in libsox.a...

Silicon Graphics LibTIFF 缓冲区错误漏洞

Silicon Graphics LibTIFF is a library for reading and writing TIFF Tagged Image File Format files from Silicon Graphics, USA. The library contains some command line tools for working with TIFF files. A security vulnerability exists in Silicon Graphics LibTIFF that originates from an invalid memor...

OSV-2021-1779 Heap-use-after-free in Segment::write

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42996 Crash type: Heap-use-after-free READ 1 Crash state: Segment::write Doublewrite::writepages Doublewrite::flushtodisk...

PT-2021-17965

Name of the Vulnerable Software and Affected Versions: Deark versions prior to 1.5.8 Description: The issue arises from a specially crafted input file that can cause a NULL pointer dereference in the dbuf write function, located in src/deark-dbuf.c. Recommendations: For versions prior to 1.5.8,...

CVE-2021-0377

In DeltaPerformer::Write of deltaperformer.cc, there is a possible use of untrusted input due to improper input validation. This could lead to a local bypass of defense in depth protections with no additional execution privileges needed. User interaction is not needed for exploitation.Product:...

Libgcrypt Buffer Error Vulnerability

Libgcrypt is a general-purpose cryptographic library developed by the GNU Project developed by the Gnu Project based on the GnuPG code. The library implements a variety of cryptographic algorithms, including symmetric ciphers, hashing algorithms, public key algorithms, and more. Libgcrypt before...

kernel: sg_write function lacks an sg_remove_request call in a certain failure case

A vulnerability was found in sgwrite in drivers/scsi/sg.c in the SCSI generic sg driver subsystem. This flaw allows an attacker with local access and special user or root privileges to cause a denial of service if the allocated list is not cleaned with an invalid Sgfd sfp pointer at the time of...

The vulnerability of the OpenSSL cryptographic library’s software, related to the improper functioning of the “error state” mechanism, allows a hacker to transmit unencrypted confidential data over the network.

The vulnerability of the OpenSSL cryptographic library relates to the improper operation of the “error state” mechanism, especially when the functions SSLRead or SSLWrite are called directly by the application. Exploiting this vulnerability allows an attacker to transmit unencrypted confidential...

Information Disclosure

undertow-core is vulnerable to information disclosure. The library does not properly flush the bytebuffer after handling response requests after the write function is called. The flushing function then proceeds to write out the contents of the writevBuffer which could contain sensitive informatio...

DEBIAN-CVE-2017-18185

An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the PlBuffer::write function in PlBuffer.cc. It is caused by an integer overflow in the PNG filter...

CVE-2017-18185

An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the PlBuffer::write function in PlBuffer.cc. It is caused by an integer overflow in the PNG filter...

PoDoFo Denial of Service Vulnerability (CNVD-2018-03971)

PoDoFo is an open source , written in C++ using the PDF file format library . A denial of service vulnerability exists in the 'PdfMemoryOutputStream::Write' function in the base/PdfOutputStream.cpp file in PoDoFo version 0.9.5, which stems from a program that does not properly validate the 'memcp...

CVE-2018-5308

PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function base/PdfOutputStream.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file...

CVE-2018-5308

PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function base/PdfOutputStream.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file...