Page 209 of 2170 results (0.018 seconds)

CVSS: 8.8EPSS: 0%CPEs: 8EXPL: 0

CVE-2018-5802 – LibRaw: Out-of-bounds read in kodak_radc_load_raw function internal/dcraw_common.cpp

https://notcve.org/view.php?id=CVE-2018-5802

An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. Un error en la función "kodak_radc_load_raw()" (internal/dcraw_common.cpp) relacionada con la variable "buf" en LibRaw en versiones anteriores a la 0.18.7 se puede explotar para provocar un acceso de lectura a la memoria fuera de límites y un cierre inesperado. An out-of-bounds read flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking them into processing crafted images. • https://access.redhat.com/errata/RHSA-2018:3065 https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4 https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html https://secuniaresearch.flexerasoftware.com/advisories/79000 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-1 https://usn.ubuntu.com/3615-1 https://access.redhat.com/security/cve/CVE-2018-5802 https://bugzilla.redhat.com/show_bug.cg • CWE-122: Heap-based Buffer Overflow CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2018-5800 – LibRaw: Heap-based buffer overflow in LibRaw::kodak_ycbcr_load_raw function in internal/dcraw_common.cpp

https://notcve.org/view.php?id=CVE-2018-5800

An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. Un error por un paso relacionado con la función "LibRaw::kodak_ycbcr_load_raw()" (internal/dcraw_common.cpp) en las versiones anteriores a la 0.18.7 de LibRaw puede explotarse para provocar un desbordamiento de búfer basado en memoria dinámica (heap) y un cierre inesperado. A heap-based out-of-bounds access flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking them into processing crafted images. • http://www.securityfocus.com/bid/104663 https://access.redhat.com/errata/RHSA-2018:3065 https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/8682ad204392b914ab1cc6ebcca9c27c19c1a4b4 https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html https://secuniaresearch.flexerasoftware.com/advisories/79000 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-1 https://usn.ubuntu.com/3615-1 https://access.redhat.com/security/cve/CVE-2018-5800 • CWE-122: Heap-based Buffer Overflow CWE-193: Off-by-one Error CWE-787: Out-of-bounds Write •

CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0

CVE-2018-5801 – LibRaw: NULL pointer dereference in LibRaw::unpack function src/libraw_cxx.cpp

https://notcve.org/view.php?id=CVE-2018-5801

An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference. Un error en la función "LibRaw::unpack()" (src/libraw_cxx.cpp) en LibRaw, en versiones anteriores a la 0.18.7, puede explotarse para desencadenar una desreferencia de puntero NULL. A NULL pointer dereference flaw was found in the way LibRaw processed images. An attacker could potentially use this flaw to crash applications using LibRaw by tricking them into processing crafted images. • https://access.redhat.com/errata/RHSA-2018:3065 https://github.com/LibRaw/LibRaw/blob/master/Changelog.txt https://github.com/LibRaw/LibRaw/commit/0df5490b985c419de008d32168650bff17128914 https://lists.debian.org/debian-lts-announce/2019/03/msg00036.html https://secuniaresearch.flexerasoftware.com/advisories/79000 https://secuniaresearch.flexerasoftware.com/secunia_research/2018-1 https://usn.ubuntu.com/3615-1 https://access.redhat.com/security/cve/CVE-2018-5801 https://bugzilla.redhat.com/show_bug.cg • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-476: NULL Pointer Dereference •

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1

CVE-2018-6381

https://notcve.org/view.php?id=CVE-2018-6381

In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault caused by invalid memory access in the zzip_disk_fread function (zzip/mmapped.c) because the size variable is not validated against the amount of file->stored data. En ZZIPlib versiones 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 y 0.13.56 hay un fallo de segmentación causado por un acceso a memoria no válido en la función zzip_disk_fread (zzip/mmapped.c) porque la variable size no se valida contra la cantidad de datos del archivo->almacenado. • https://github.com/Hack-Me/Pocs_for_Multi_Versions/tree/main/CVE-2018-6381 https://github.com/gdraheim/zziplib/issues/12 https://lists.debian.org/debian-lts-announce/2020/06/msg00029.html https://usn.ubuntu.com/3699-1 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0

CVE-2017-18079

https://notcve.org/view.php?id=CVE-2017-18079

drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated. drivers/input/serio/i8042.c en el kernel de Linux en versiones anteriores a la 4.12.4 permite que atacantes provoquen una denegación de servicio (desreferencia de puntero NULL y cierre inesperado del sistema) o que, posiblemente, tengan otro tipo de impacto sin especificar debido a que el valor port->exists puede cambiar tras ser validado. • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=340d394a789518018f834ff70f7534fc463d3226 http://www.securityfocus.com/bid/102895 https://github.com/torvalds/linux/commit/340d394a789518018f834ff70f7534fc463d3226 https://usn.ubuntu.com/3655-1 https://usn.ubuntu.com/3655-2 https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.12.4 • CWE-476: NULL Pointer Dereference •