Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

CVE-2021-43305: 7 RCE and DoS vulnerabilities Found in ClickHouse DBMS

Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, copy_end), don’t exceed the destination buffer’s limits. This issue is very similar to CVE-2021-43304, but the vulnerable copy operation is in a different wildCopy call.

CVE
Open in Source
#vulnerability#web#google#dos#intel#c++#rce#buffer_overflow#auth
CVE-2022-0943: patch 8.2.4563: "z=" in Visual mode may go beyond the end of the line · vim/vim@5c68617

Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.

CVE-2022-22721: Apache HTTP Server 2.4 vulnerabilities

If LimitXMLRequestBody is set to allow request bodies larger than 350MB (defaults to 1M) on 32 bit systems an integer overflow happens which later causes out of bounds writes. This issue affects Apache HTTP Server 2.4.52 and earlier.

CVE-2022-26981: [BUG] global-buffer-overflow in lou_checktable · Issue #1171 · liblouis/liblouis

Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).

CVE-2022-24754: Use PJ_ASSERT_RETURN() on pjsip_auth_create_digest() and pjsua_init_t… · pjsip/pjproject@d27f79d

PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type `PJSIP_CRED_DATA_DIGEST`). This issue has been patched in the master branch of the PJSIP repository and will be included with the next release. Users unable to upgrade need to check that the hashed digest data length must be equal to `PJSIP_MD5STRLEN` before passing to PJSIP.

CVE-2022-0924: fix heap buffer overflow in tiffcp (#278) (!311) · Merge requests · libtiff / libtiff · GitLab

Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4.

CVE-2022-0891: 2022/CVE-2022-0891.json · master · GitLab.org / cves · GitLab

A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact

CVE-2021-40052: March

There is an incorrect buffer size calculation vulnerability in the video framework.Successful exploitation of this vulnerability may affect availability.

CVE-2022-26490: nfc: st21nfca: Fix potential buffer overflows in EVT_TRANSACTION · torvalds/linux@4fbcc1a

st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.

CVE-2021-3575: Invalid Bug ID

A heap-based buffer overflow was found in openjpeg in color.c:379:42 in sycc420_to_rgb when decompressing a crafted .j2k file. An attacker could use this to execute arbitrary code with the permissions of the application compiled against openjpeg.