Page 76 of 1790 results (0.015 seconds)

CVSS: 7.0EPSS: 0%CPEs: 13EXPL: 0

CVE-2018-14879 – tcpdump: Out of bounds read/write in in get_next_file() in tcpdump.c

https://notcve.org/view.php?id=CVE-2018-14879

The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). El analizador de argumentos de la línea de comandos en tcpdump versiones anteriores a 4.9.3, presenta un desbordamiento de búfer en tcpdump.c:get_next_file(). An out-of-bounds write vulnerability was discovered in tcpdump while reading the file passed to the -V option of the command line program. An attacker may abuse this flaw by tricking a victim user into using a malicious file with the -V option, which would make the program read one byte before a stack-based allocated buffer and potentially write a NULL byte to it. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html http://seclists.org/fulldisclosure/2019/Dec/26 https://github.com/the-tcpdump-group/tcpdump/blob/tcpdump-4.9/CHANGES https://github.com/the-tcpdump-group/tcpdump/commit/9ba91381954ad325ea4fd26b9c65a8bd9a2a85b6 https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2019-8705

https://notcve.org/view.php?id=CVE-2019-8705

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15, tvOS 13. Processing a maliciously crafted movie may result in the disclosure of process memory. Un problema de corrupción de memoria fue abordado con una comprobación mejorada. Este problema es corregido en macOS Catalina versión 10.15, tvOS versión 13. • https://support.apple.com/HT210634 https://support.apple.com/kb/HT210722 • CWE-787: Out-of-bounds Write •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

CVE-2019-8675 – cups: stack-buffer-overflow in libcups's asn1_get_type function

https://notcve.org/view.php?id=CVE-2019-8675

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code. Se abordó un problema de desbordamiento del búfer con un manejo de la memoria mejorada. Este problema se corrigió en macOS Mojave versión 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. • https://support.apple.com/en-us/HT210348 https://access.redhat.com/security/cve/CVE-2019-8675 https://bugzilla.redhat.com/show_bug.cgi?id=1738455 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-121: Stack-based Buffer Overflow •

CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 1

CVE-2019-11042 – heap-buffer-overflow on exif_process_user_comment in EXIF extension

https://notcve.org/view.php?id=CVE-2019-11042

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. Cuando la extensión EXIF de PHP está analizando información EXIF de una imagen, p.ej. por medio de la función exif_read_data(), en PHP versiones 7.1.x anteriores a 7.1.31, versiones 7.2.x anteriores a 7.2.21 y versiones 7.3.x anteriores a 7.3.8, es posible suministrarle datos que harán que se lea más allá del búfer asignado . Esto puede conllevar a la divulgación de información o bloqueo. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html http://seclists.org/fulldisclosure/2019/Oct/15 http://seclists.org/fulldisclosure/2019/Oct/55 https://access.redhat.com/errata/RHSA-2019:3299 https://bugs.php.net/bug.php?id=78256 https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html https://seclists.org/bugtraq/2019/Oct/9 https://seclists.org/bugtraq/2019/Sep/35 https://seclists.org/bugtraq/2019/Sep/38 https://security.netapp • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •

CVSS: 7.1EPSS: 0%CPEs: 15EXPL: 1

CVE-2019-11041 – heap-buffer-overflow on exif_scan_thumbnail in EXIF extension

https://notcve.org/view.php?id=CVE-2019-11041

When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x below 7.2.21 and 7.3.x below 7.3.8 it is possible to supply it with data what will cause it to read past the allocated buffer. This may lead to information disclosure or crash. Cuando la extensión EXIF de PHP está analizando información EXIF de una imagen, p.ej. por medio de la función exif_read_data(), en PHP versiones 7.1.x anteriores a 7.1.31, versiones 7.2.x anteriores a 7.2.21 y versiones 7.3.x anteriores a 7.3.8, es posible suministrarle datos que causará que se lea más allá del búfer asignado. Esto puede conllevar a la divulgación de información o bloqueo. • http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00019.html http://seclists.org/fulldisclosure/2019/Oct/15 http://seclists.org/fulldisclosure/2019/Oct/55 https://access.redhat.com/errata/RHSA-2019:3299 https://bugs.php.net/bug.php?id=78222 https://lists.debian.org/debian-lts-announce/2019/08/msg00010.html https://seclists.org/bugtraq/2019/Oct/9 https://seclists.org/bugtraq/2019/Sep/35 https://seclists.org/bugtraq/2019/Sep/38 https://security.netapp • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-125: Out-of-bounds Read •