CVE-2020-13878

IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef heap-based out-of-bounds write...

Heap overflow

IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef heap-based out-of-bounds write...

CVE-2020-13878

Summary: IrfanView B3D PlugIns before version 4.56 is affected by a heap-based out-of-bounds write in B3d.dll!+27ef. This vulnerability has a CVSS v3.1 base score of 9.8 (CRITICAL) with NETWORK attack vector, no privileges or user interaction required. Affected products/versions: IrfanView B3D Pl...

Out-of-bounds

In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308064...

Out-of-bounds

In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807...

Directory Traversal

mlflow is vulnerable to Directory Traversal. The vulnerability exists in the validatepathissafe function within uri.py which allows an attacker to read or write to files outside of the restricted directory using a crafted file path...

OSV-2023-1328 Stack-buffer-overflow in icu_75::TZDBTimeZoneNames::getMetaZoneNames

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65128 Crash type: Stack-buffer-overflow WRITE 1 Crash state: icu75::TZDBTimeZoneNames::getMetaZoneNames icu75::TZDBTimeZoneNames::getMetaZoneDisplayName TestNames...

pixman: Integer overflow in pixman_sample_floor_y leading to heap out-of-bounds write

A flaw was found in pixman. This issue causes an out-of-bounds write in rasterizeedges8 due to an integer overflow in pixmansamplefloory. This can result in data corruption, a crash, or code execution...

PT-2023-28552 · Unknown · Ril Service

Name of the Vulnerable Software and Affected Versions: ril service affected versions not specified Description: The issue is related to a missing bounds check in the ril service, which could lead to a possible out of bounds write. This might result in a local denial of service, and system executi...

CVE-2023-47100

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-47038. Reason: This record is a duplicate of CVE-2023-47038. Notes: All CVE users should reference CVE-2023-47038 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage...

OSV-2023-1208 Heap-buffer-overflow in ih264d_format_convert

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64438 Crash type: Heap-buffer-overflow WRITE Crash state: ih264dformatconvert ih264ddecodepicturethread...

OSV-2023-1206 Heap-buffer-overflow in ih264d_format_convert

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64432 Crash type: Heap-buffer-overflow WRITE Crash state: ih264dformatconvert isvcdvideodecode isvcdapifunction...

Out-of-bounds

In video, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08250357...

Out-of-bounds

In modem CCCI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction may be also needed for exploitation Patch ID: MOLY01138425; Issue ID: MOLY01138425 MSV-862...

CVE-2023-31017

NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to write arbitrary data to privileged locations by using reparse points. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information...

CVE-2023-31017 CVE

NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to write arbitrary data to privileged locations by using reparse points. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information...

OSV-2023-1088 Heap-buffer-overflow in arrow::Status arrow::Result<std::__1::unique_ptr<arrow::Buffer, std::__1::defaul

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=63679 Crash type: Heap-buffer-overflow WRITE 8 Crash state: arrow::Status arrow::Resultstd::1::uniqueptrarrow::Buffer, std::1::defaul arrow::ipc::ArrayLoader::GetBuffer arrow::ipc::ArrayLoader::Visit...

CVE-2023-5834 Vagrant’s Windows Installer Allowed Directory Junction Write

HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0...

DEBIAN-CVE-2023-45675

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if the len read in startdecoder is -1 and len + 1 becomes 0 when passed to setupmalloc. The setupmalloc behaves...

Out-of-bounds

stbvorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in f-vendorlen = char'\0';. The root cause is that if the len read in startdecoder is -1 and len + 1 becomes 0 when passed to setupmalloc. The setupmalloc behaves...