Page 22 of 212 results (0.011 seconds)

CVSS: 6.5EPSS: 0%CPEs: 17EXPL: 0

The JPXStream::init function in Poppler 0.78.0 and earlier doesn't check for negative values of stream length, leading to an Integer Overflow, thereby making it possible to allocate a large memory chunk on the heap, with a size controlled by an attacker, as demonstrated by pdftocairo. La función JPXStream::init en Poppler versión 0.78.0 y anteriores, no comprueba los valores negativos de la longitud de la transmisión, lo que conlleva a un Desbordamiento de Enteros, y por lo tanto hace posible asignar una gran fragmento de memoria en la pila, con un tamaño controlado por un atacante, como es demostrado por pdftocairo. • http://www.securityfocus.com/bid/109342 https://access.redhat.com/errata/RHSA-2019:2713 https://gitlab.freedesktop.org/poppler/poppler/blob/master/NEWS https://lists.debian.org/debian-lts-announce/2019/10/msg00024.html https://lists.debian.org/debian-lts-announce/2020/11/msg00014.html https://lists.debian.org/debian-lts-announce/2022/09/msg00030.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5ZOYOZTGU4RGZW4E63OZ7LW4SMPEWGBV https://lists.fedoraproject • CWE-190: Integer Overflow or Wraparound •

CVSS: 9.8EPSS: 2%CPEs: 28EXPL: 1

Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code execution. The component is: function name: pango_log2vis_get_embedding_levels, assignment of nchars and the loop condition. The attack vector is: Bug can be used when application pass invalid utf-8 strings to functions like pango_itemize. Pango versión 1.42 y posterior de Gnome, está afectada por: Desbordamiento de Búfer. • https://access.redhat.com/errata/RHBA-2019:2824 https://access.redhat.com/errata/RHSA-2019:2571 https://access.redhat.com/errata/RHSA-2019:2582 https://access.redhat.com/errata/RHSA-2019:2594 https://access.redhat.com/errata/RHSA-2019:3234 https://gitlab.gnome.org/GNOME/pango/-/commits/main/pango/pango-bidi-type.c https://gitlab.gnome.org/GNOME/pango/-/issues/342 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D6HWAHXJ2ZXINYMANHPFDD • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •

CVSS: 8.1EPSS: 0%CPEs: 23EXPL: 1

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in BlitNtoN in video/SDL_blit_N.c when called from SDL_SoftBlit in video/SDL_blit.c. hasta 2.0.9, presenta una lectura excesiva del búfer en la región heap de la memoria en BlitNtoN en el archivo video/SDL_blit_N.c cuando es llamado desde SDL_SoftBlit en el archivo video/SDL_blit.c. A heap-based buffer overflow was discovered in SDL in the SDL_BlitCopy() function, that was called while copying an existing surface into a new optimized one, due to lack of validation while loading a BMP image in the SDL_LoadBMP_RW() function. An application that uses SDL to parse untrusted input files may be vulnerable to this flaw, which could allow an attacker to make the application crash or possibly execute code. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00014.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00029.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00030.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00093.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00094.html https://access.redhat.com/errata/RHSA-2019:3950 https:/ • CWE-125: Out-of-bounds Read •

CVSS: 7.2EPSS: 15%CPEs: 23EXPL: 0

A heap-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By carefully corrupting a hyperloglog using the SETRANGE command, an attacker could trick Redis interpretation of dense HLL encoding to write up to 3 bytes beyond the end of a heap-allocated buffer. Se detectó una vulnerabilidad de desbordamiento del búfer de la pila en hyperloglog data structure versiones 3.x anteriores a 3.2.13, versiones 4.x anteriores a 4.0.14 y versiones 5.x anteriores a 5.0.4 de Redis. Por la corrupción cuidadosa de un hyperloglog usando el comando SETRANGE, un atacante podría engañar la interpretación de Redis de codificación HLL densa para escribir hasta 3 bytes más allá del final de un búfer asignado a la pila. A heap buffer overflow vulnerability was found in the Redis HyperLogLog data structure. • http://www.securityfocus.com/bid/109290 https://access.redhat.com/errata/RHSA-2019:1819 https://access.redhat.com/errata/RHSA-2019:1860 https://access.redhat.com/errata/RHSA-2019:2002 https://access.redhat.com/errata/RHSA-2019:2506 https://access.redhat.com/errata/RHSA-2019:2508 https://access.redhat.com/errata/RHSA-2019:2621 https://access.redhat.com/errata/RHSA-2019:2630 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10192 https://raw.githubusercontent.com/antir • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 7.2EPSS: 18%CPEs: 22EXPL: 0

A stack-buffer overflow vulnerability was found in the Redis hyperloglog data structure versions 3.x before 3.2.13, 4.x before 4.0.14 and 5.x before 5.0.4. By corrupting a hyperloglog using the SETRANGE command, an attacker could cause Redis to perform controlled increments of up to 12 bytes past the end of a stack-allocated buffer. Se detectó una vulnerabilidad de desbordamiento del búfer de la pila en hyperloglog data structure de Redis en las versiones 3.x anteriores a 3.2.13, versiones 4.x anteriores a 4.0.14 y versiones 5.x anteriores a 5.0.4. Por la corrupción de un hiperloglog usando el comando SETRANGE, un atacante podría causar que Redis realizara incrementos controlados de hasta 12 bytes más allá del final de un búfer asignado a la pila. A stack buffer overflow vulnerability was found in the Redis HyperLogLog data structure. • http://www.securityfocus.com/bid/109290 https://access.redhat.com/errata/RHSA-2019:1819 https://access.redhat.com/errata/RHSA-2019:2002 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10193 https://raw.githubusercontent.com/antirez/redis/3.2/00-RELEASENOTES https://raw.githubusercontent.com/antirez/redis/4.0/00-RELEASENOTES https://raw.githubusercontent.com/antirez/redis/5.0/00-RELEASENOTES https://seclists.org/bugtraq/2019/Jul/19 https://security.gentoo.org/glsa/201908-0 • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •