Page 122 of 8866 results (0.019 seconds)

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 2

In libpixman in Pixman before 0.42.2, there is an out-of-bounds write (aka heap-based buffer overflow) in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. En libpixman en Pixman anterior a 0.42.2, hay una escritura fuera de límites (también conocida como desbordamiento de búfer basado en montón) en rasterize_edges_8 debido a un desbordamiento de enteros en pixman_sample_floor_y. A flaw was found in pixman. This issue causes an out-of-bounds write in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. This can result in data corruption, a crash, or code execution. pixman versions prior to 0.42.2 suffer from an out-of-bounds write vulnerability in rasterize_edges_8 due to an integer overflow in pixman_sample_floor_y. • http://packetstormsecurity.com/files/170121/pixman-pixman_sample_floor_y-Integer-Overflow.html http://www.openwall.com/lists/oss-security/2022/11/05/1 https://gitlab.freedesktop.org/pixman/pixman/-/issues/63 https://lists.debian.org/debian-lts-announce/2022/11/msg00008.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AJ5VY2VYXE4WTRGQ6LMGLF6FV3SY37YE https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BY4OPSIB33ETNUXZY2UPZ4NGQ3OKDY • CWE-190: Integer Overflow or Wraparound CWE-787: Out-of-bounds Write •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device. Se descubrió un desbordamiento del búfer en NTFS-3G antes de 2022.10.3. • http://www.openwall.com/lists/oss-security/2022/10/31/2 https://github.com/tuxera/ntfs-3g/releases https://lists.debian.org/debian-lts-announce/2022/11/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2BOQ7YLFT43KLXEN3EB6CS4DP635RJWP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IA2D4PYOR7ABI7BWBMMMYKY2OPHTV2NI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UGDKGXA4R2ZVUQ3CT4D4Y • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Se descubrió que Libde265 v1.0.8 contenía una vulnerabilidad de desbordamiento del búfer a través de put_qpel_fallback en fallback-motion.cc. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) a través de un archivo de vídeo manipulado. • https://github.com/strukturag/libde265/issues/342 https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html https://www.debian.org/security/2023/dsa-5346 • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

Libde265 v1.0.8 was discovered to contain an unknown crash via ff_hevc_put_hevc_qpel_v_3_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Se descubrió que Libde265 v1.0.8 contenía un bloqueo desconocido a través de ff_hevc_put_hevc_qpel_v_3_8_sse en sse-motion.cc. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) a través de un archivo de vídeo manipulado. • https://github.com/strukturag/libde265/issues/338 https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html https://www.debian.org/security/2023/dsa-5346 • CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 1

Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via mc_luma<unsigned char> in motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. Se descubrió que Libde265 v1.0.8 contenía una vulnerabilidad de desbordamiento del búfer de almacenamiento a través de mc_luma en motion.cc. Esta vulnerabilidad permite a los atacantes provocar una denegación de servicio (DoS) a través de un archivo de vídeo manipulado. • https://github.com/strukturag/libde265/issues/340 https://lists.debian.org/debian-lts-announce/2023/01/msg00020.html https://www.debian.org/security/2023/dsa-5346 • CWE-787: Out-of-bounds Write •