CVE-2022-26981
https://notcve.org/view.php?id=CVE-2022-26981
Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c).
• http://seclists.org/fulldisclosure/2022/Jul/12 http://seclists.org/fulldisclosure/2022/Jul/15 http://seclists.org/fulldisclosure/2022/Jul/16 http://seclists.org/fulldisclosure/2022/Jul/18 https://github.com/liblouis/liblouis/issues/1171 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CFD2KIHESDUCNWTEW3USFB5GKTWT624L https://security.gentoo.org/glsa/202301-06 https://support.apple.com/kb/HT213340 https://support.apple.com/kb/HT213342 https://sup
• CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-17294
https://notcve.org/view.php?id=CVE-2018-17294
The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionaries.
• http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00038.html http://www.securityfocus.com/bid/105511 https://github.com/liblouis/liblouis/commit/5e4089659bb49b3095fa541fa6387b4c40d7396e https://github.com/liblouis/liblouis/issues/635 https://usn.ubuntu.com/3782-1
• CWE-125: Out-of-bounds Read
CVE-2017-13743 – liblouis: Buffer overflow in the function _lou_showString()
https://notcve.org/view.php?id=CVE-2017-13743
There is a buffer overflow in Liblouis 3.2.0, triggered in the function _lou_showString() in utils.c, that will lead to a remote denial of service attack.
• http://www.securityfocus.com/bid/100607 https://access.redhat.com/errata/RHSA-2017:3111 https://bugzilla.redhat.com/show_bug.cgi?id=1484335 https://access.redhat.com/security/cve/CVE-2017-13743 https://bugzilla.redhat.com/show_bug.cgi?id=1488942
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-13741 – liblouis: Use-after-free in the function compileBrailleIndicator()
https://notcve.org/view.php?id=CVE-2017-13741
There is a use-after-free in the function compileBrailleIndicator() in compileTranslationTable.c in Liblouis 3.2.0 that will lead to a remote denial of service attack.
• http://www.securityfocus.com/bid/100607 https://access.redhat.com/errata/RHSA-2017:3111 https://bugzilla.redhat.com/show_bug.cgi?id=1484332 https://access.redhat.com/security/cve/CVE-2017-13741 https://bugzilla.redhat.com/show_bug.cgi?id=1488938
• CWE-416: Use After Free
CVE-2017-13744 – liblouis: Illegal address access in the _lou_getALine() function
https://notcve.org/view.php?id=CVE-2017-13744
There is an illegal address access in the function _lou_getALine() in compileTranslationTable.c:343 in Liblouis 3.2.0.
• http://www.securityfocus.com/bid/100607 https://access.redhat.com/errata/RHSA-2017:3111 https://bugzilla.redhat.com/show_bug.cgi?id=1484338 https://access.redhat.com/security/cve/CVE-2017-13744 https://bugzilla.redhat.com/show_bug.cgi?id=1488935
• CWE-125: Out-of-bounds Read
• CWE-787: Out-of-bounds Write