Security
Headlines
HeadlinesLatestCVEs

Tag

#c++

CVE-2023-37748: Infinite loop has occurred when running program gif2tga in function DecodeGifImg at ngiflib.c · Issue #25 · miniupnp/ngiflib

ngiflib commit 5e7292 was discovered to contain an infinite loop via the function DecodeGifImg at ngiflib.c.

CVE
Open in Source
#git#c++#auth
CVE-2023-22062: Oracle Critical Patch Update Advisory - July 2023

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.13.0.000. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hyperion Financial Reporting. While the vulnerability is in Oracle Hyperion Financial Reporting, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hyperion Financial Reporting accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hyperion Financial Reporting. CVSS 3.1 Base Score 8.5 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L).

CVE-2023-37139: dynamic-stack-buffer-overflow in release build · Issue #6884 · chakra-core/ChakraCore

ChakraCore branch master cbb9b was discovered to contain a stack overflow vulnerability via the function Js::ScopeSlots::IsDebuggerScopeSlotArray().

CVE-2021-34119: Heap-buffer-overflow in function parse_paragraph() in ps-pdf.cxx · Issue #431 · michaelrsweet/htmldoc

A flaw was discovered in htmodoc 1.9.12 in function parse_paragraph in ps-pdf.cxx ,this flaw possibly allows possible code execution and a denial of service via a crafted file.

CVE-2021-34123: ATasm: 6502 cross-assembler / Bugs

An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf() in asm.c allows attackers to execute arbitrary code on the system via a crafted file.

CVE-2022-33065: UndefinedBehaviorSanitizer: multiple signed integer overflow · Issue #833 · libsndfile/libsndfile

Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts.

CVE-2021-34121: Out of bounds read in function · Issue #433 · michaelrsweet/htmldoc

An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parse_tree() in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution.

CVE-2022-33064: UndefinedBehaviorSanitizer: index 100 out of bounds for type 'SF_CUE_POINT [100]' · Issue #832 · libsndfile/libsndfile

An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts.

CVE-2020-23910: A stack overflow in genhash.c:506:7 causes Segmentation fault · Issue #396 · vlm/asn1c

Stack-based buffer overflow vulnerability in asn1c through v0.9.28 via function genhash_get in genhash.c.

CVE-2020-23909: AdvanceMAME / Bugs / #285 A heap overflow in pngex.cc:433:4

Heap-based buffer over-read in function png_convert_4 in file pngex.cc in AdvanceMAME through 2.1.