Security
Headlines
HeadlinesLatestCVEs

Tag

#buffer_overflow

CVE-2020-24133: patch Heap overflow by JJY-sec · Pull Request #255 · radareorg/radare2-extras

A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks.

CVE
Open in Source
#vulnerability#dos#git#buffer_overflow
CVE-2021-24119: Releases · Mbed-TLS/mbedtls

In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.

CVE-2020-19721: Heap buffer overflow in Ap4TrunAtom.cpp when running mp42aac · Issue #415 · axiomatic-systems/Bento4

A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1-628 may lead to an out-of-bounds write while running mp42aac, leading to system crashes and a denial of service (DOS).

CVE-2020-19716: Buffer overflow caused by exhaustive memory usage · Issue #980 · Exiv2/exiv2

A buffer overflow vulnerability in the Databuf function in types.cpp of Exiv2 v0.27.1 leads to a denial of service (DOS).

CVE-2021-34552: Release Notes

Pillow through 8.2.0 and PIL (aka Python Imaging Library) through 1.1.7 allow an attacker to pass controlled parameters directly into a convert function to trigger a buffer overflow in Convert.c.

CVE-2020-28598: TALOS-2020-1222 || Cisco Talos Intelligence Group

An out-of-bounds write vulnerability exists in the Admesh stl_fix_normal_directions() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted AMF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2021-21793: TALOS-2021-1257 || Cisco Talos Intelligence Group

An out-of-bounds write vulnerability exists in the JPG sof_nb_comp header processing functionality of Accusoft ImageGear 19.8 and 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2021-21794: TALOS-2021-1261 || Cisco Talos Intelligence Group

An out-of-bounds write vulnerability exists in the TIF bits_per_sample processing functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2021-21821: TALOS-2021-1286 || Cisco Talos Intelligence Group

A stack-based buffer overflow vulnerability exists in the PDF process_fontname functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2021-21807: TALOS-2021-1275 || Cisco Talos Intelligence Group

An integer overflow vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft ImageGear 19.9. A specially crafted malformed file can lead to a stack-based buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.