Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

CVE-2021-45927: Version 0.9.3, final · mdbtools/mdbtools@373b7ff

MDB Tools (aka mdbtools) 0.9.2 has a stack-based buffer overflow (at 0x7ffd6e029ee0) in mdb_numeric_to_string (called from mdb_xfer_bound_data and _mdb_attempt_bind).

CVE
Open in Source
#sql#buffer_overflow#ibm
CVE-2021-45958: oss-fuzz-vulns/OSV-2021-955.yaml at main · google/oss-fuzz-vulns

UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation.

CVE-2021-45948

Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper).

CVE-2021-21901: TALOS-2021-1353 || Cisco Talos Intelligence Group

A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to memcpy. An attacker can send a malicious packet to trigger this vulnerability.

CVE-2021-21903: TALOS-2021-1355 || Cisco Talos Intelligence Group

A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send a malicious packet to trigger this vulnerability.

CVE-2021-44790: Apache HTTP Server 2.4 vulnerabilities

A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.

CVE-2021-4136: Heap-based Buffer Overflow in vim

vim is vulnerable to Heap-based Buffer Overflow

CVE-2021-41496: Potential buffer-overflow from string operations in function array_from_pyobj of fortranobject.c · Issue #19000 · numpy/numpy

** DISPUTED ** Buffer overflow in the array_from_pyobj function of fortranobject.c in NumPy < 1.19, which allows attackers to conduct a Denial of Service attacks by carefully constructing an array with negative values. NOTE: The vendor does not agree this is a vulnerability; the negative dimensions can only be created by an already privileged user (or internally).

CVE-2021-34141: Insecure string comparison (incomplete comparison) in _convert_from_str of descriptor.c · Issue #18993 · numpy/numpy

An incomplete string comparison in the numpy.core component in NumPy before 1.22.0 allows attackers to trigger slightly incorrect copying by constructing specific string objects. NOTE: the vendor states that this reported code behavior is "completely harmless."

CVE-2021-43518: Fuzzing game map parsers, part 1

Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. A map parser does not validate m_Channels value coming from a map file, leading to a buffer overflow. A malicious server may offer a specially crafted map that will overwrite client's stack causing denial of service or code execution.