Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-3582

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-13 Jul, 2006 | 19:00
Updated At-07 Aug, 2024 | 18:30
Rejected At-
Credits

Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via the size specified in the package header of (1) CFF, (2) MTK, (3) DMO, and (4) U6M files.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:13 Jul, 2006 | 19:00
Updated At:07 Aug, 2024 | 18:30
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via the size specified in the package header of (1) CFF, (2) MTK, (3) DMO, and (4) U6M files.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2006/2697
vdb-entry
x_refsource_VUPEN
https://exchange.xforce.ibmcloud.com/vulnerabilities/27670
vdb-entry
x_refsource_XF
http://secunia.com/advisories/21238
third-party-advisory
x_refsource_SECUNIA
http://www.osvdb.org/27043
vdb-entry
x_refsource_OSVDB
http://www.osvdb.org/27044
vdb-entry
x_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/27677
vdb-entry
x_refsource_XF
http://secunia.com/advisories/21295
third-party-advisory
x_refsource_SECUNIA
http://www.osvdb.org/27042
vdb-entry
x_refsource_OSVDB
http://www.securityfocus.com/bid/18859
vdb-entry
x_refsource_BID
http://www.osvdb.org/27047
vdb-entry
x_refsource_OSVDB
http://security.gentoo.org/glsa/glsa-200609-06.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/21869
third-party-advisory
x_refsource_SECUNIA
http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17
x_refsource_CONFIRM
http://aluigi.altervista.org/adv/adplugbof-adv.txt
x_refsource_MISC
http://security.gentoo.org/glsa/glsa-200607-13.xml
vendor-advisory
x_refsource_GENTOO
http://www.securityfocus.com/archive/1/439432/100/100/threaded
mailing-list
x_refsource_BUGTRAQ
http://secunia.com/advisories/20972
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/2697
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27670
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/21238
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.osvdb.org/27043
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.osvdb.org/27044
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27677
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://secunia.com/advisories/21295
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.osvdb.org/27042
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://www.securityfocus.com/bid/18859
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.osvdb.org/27047
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-06.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/21869
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17
Resource:
x_refsource_CONFIRM
Hyperlink: http://aluigi.altervista.org/adv/adplugbof-adv.txt
Resource:
x_refsource_MISC
Hyperlink: http://security.gentoo.org/glsa/glsa-200607-13.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.securityfocus.com/archive/1/439432/100/100/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://secunia.com/advisories/20972
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.vupen.com/english/advisories/2006/2697
vdb-entry
x_refsource_VUPEN
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/27670
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/21238
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.osvdb.org/27043
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.osvdb.org/27044
vdb-entry
x_refsource_OSVDB
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/27677
vdb-entry
x_refsource_XF
x_transferred
http://secunia.com/advisories/21295
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.osvdb.org/27042
vdb-entry
x_refsource_OSVDB
x_transferred
http://www.securityfocus.com/bid/18859
vdb-entry
x_refsource_BID
x_transferred
http://www.osvdb.org/27047
vdb-entry
x_refsource_OSVDB
x_transferred
http://security.gentoo.org/glsa/glsa-200609-06.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/21869
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17
x_refsource_CONFIRM
x_transferred
http://aluigi.altervista.org/adv/adplugbof-adv.txt
x_refsource_MISC
x_transferred
http://security.gentoo.org/glsa/glsa-200607-13.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.securityfocus.com/archive/1/439432/100/100/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://secunia.com/advisories/20972
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/2697
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27670
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/21238
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.osvdb.org/27043
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.osvdb.org/27044
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27677
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://secunia.com/advisories/21295
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.osvdb.org/27042
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://www.securityfocus.com/bid/18859
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.osvdb.org/27047
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-06.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/21869
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://aluigi.altervista.org/adv/adplugbof-adv.txt
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200607-13.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/439432/100/100/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://secunia.com/advisories/20972
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:13 Jul, 2006 | 19:05
Updated At:03 Apr, 2025 | 01:03

Multiple heap-based buffer overflows in Audacious AdPlug 2.0 and earlier allow remote user-assisted attackers to execute arbitrary code via the size specified in the package header of (1) CFF, (2) MTK, (3) DMO, and (4) U6M files.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.1MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 5.1
Base severity: MEDIUM
Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P
CPE Matches
audacious_media_player_team
audacious_media_player_team
>>adplug>>Versions up to 2.0(inclusive)
cpe:2.3:a:audacious_media_player_team:adplug:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17cve@mitre.org
N/A
http://aluigi.altervista.org/adv/adplugbof-adv.txtcve@mitre.org
Exploit
Vendor Advisory
http://secunia.com/advisories/20972cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/21238cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/21295cve@mitre.org
N/A
http://secunia.com/advisories/21869cve@mitre.org
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200607-13.xmlcve@mitre.org
N/A
http://security.gentoo.org/glsa/glsa-200609-06.xmlcve@mitre.org
N/A
http://www.osvdb.org/27042cve@mitre.org
N/A
http://www.osvdb.org/27043cve@mitre.org
N/A
http://www.osvdb.org/27044cve@mitre.org
N/A
http://www.osvdb.org/27047cve@mitre.org
N/A
http://www.securityfocus.com/archive/1/439432/100/100/threadedcve@mitre.org
N/A
http://www.securityfocus.com/bid/18859cve@mitre.org
Exploit
http://www.vupen.com/english/advisories/2006/2697cve@mitre.org
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27670cve@mitre.org
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/27677cve@mitre.org
N/A
http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17af854a3a-2127-422b-91ae-364da2661108
N/A
http://aluigi.altervista.org/adv/adplugbof-adv.txtaf854a3a-2127-422b-91ae-364da2661108
Exploit
Vendor Advisory
http://secunia.com/advisories/20972af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/21238af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21295af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21869af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200607-13.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://security.gentoo.org/glsa/glsa-200609-06.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/27042af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/27043af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/27044af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/27047af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/archive/1/439432/100/100/threadedaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/18859af854a3a-2127-422b-91ae-364da2661108
Exploit
http://www.vupen.com/english/advisories/2006/2697af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27670af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/27677af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://aluigi.altervista.org/adv/adplugbof-adv.txt
Source: cve@mitre.org
Resource:
Exploit
Vendor Advisory
Hyperlink: http://secunia.com/advisories/20972
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21238
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21295
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/21869
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200607-13.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-06.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/27042
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/27043
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/27044
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/27047
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/439432/100/100/threaded
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/18859
Source: cve@mitre.org
Resource:
Exploit
Hyperlink: http://www.vupen.com/english/advisories/2006/2697
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27670
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27677
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://adplug.cvs.sourceforge.net/adplug/adplug/src/cff.cpp?r1=1.16&r2=1.17
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://aluigi.altervista.org/adv/adplugbof-adv.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Vendor Advisory
Hyperlink: http://secunia.com/advisories/20972
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21238
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21295
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21869
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200607-13.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://security.gentoo.org/glsa/glsa-200609-06.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/27042
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/27043
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/27044
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/27047
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/archive/1/439432/100/100/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/18859
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Hyperlink: http://www.vupen.com/english/advisories/2006/2697
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27670
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27677
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

65Records found
CVE-2012-2942
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.20% / 42.02%
||
7 Day CHG~0.00%
Published-27 May, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-haproxyn/a
Product-haproxyn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-2153
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.07% / 22.43%
||
7 Day CHG~0.00%
Published-10 Mar, 2025 | 14:00
Updated-12 May, 2025 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HDF5 h5 File H5SM.c H5SM_delete heap-based overflow

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-n/aThe HDF Group
Product-hdf5HDF5
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-2148
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.07% / 20.39%
||
7 Day CHG~0.00%
Published-10 Mar, 2025 | 12:00
Updated-23 Jun, 2025 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PyTorch Tuple torch.ops.profiler._call_end_callbacks_on_jit_fut memory corruption

A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler._call_end_callbacks_on_jit_fut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult.

Action-Not Available
Vendor-pytorchn/a
Product-pytorchPyTorch
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-1182
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.14% / 34.25%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 08:31
Updated-21 May, 2025 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils ld elflink.c bfd_elf_reloc_symbol_deleted_p memory corruption

A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The patch is identified as b425859021d17adf62f06fb904797cf8642986ad. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-1352
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.14% / 33.91%
||
7 Day CHG~0.00%
Published-16 Feb, 2025 | 14:31
Updated-18 Feb, 2025 | 21:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU elfutils eu-readelf libdw_alloc.c __libdw_thread_tail memory corruption

A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability affects the function __libdw_thread_tail in the library libdw_alloc.c of the component eu-readelf. The manipulation of the argument w leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 2636426a091bd6c6f7f02e49ab20d4cdc6bfc753. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-GNU
Product-elfutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-1179
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.14% / 34.88%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 07:00
Updated-03 Mar, 2025 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils ld libbfd.c bfd_putl64 memory corruption

A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer explains, that "[t]his bug has been fixed at some point between the 2.43 and 2.44 releases".

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-1178
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.16% / 37.40%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 06:31
Updated-21 May, 2025 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils ld libbfd.c bfd_putl64 memory corruption

A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 75086e9de1707281172cc77f178e7949a4414ed0. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-NetApp, Inc.GNU
Product-active_iq_unified_managerbinutilsontap_select_deploy_administration_utilityBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-0840
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.16% / 37.02%
||
7 Day CHG+0.02%
Published-29 Jan, 2025 | 20:00
Updated-04 Mar, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils objdump.c disassemble_bytes stack-based overflow

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. The identifier of the patch is baac6c221e9d69335bf41366a1c7d87d8ab2f893. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-0870
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.08% / 24.75%
||
7 Day CHG+0.01%
Published-30 Jan, 2025 | 13:00
Updated-28 Feb, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Axiomatic Bento4 Ap4DataBuffer.h GetData heap-based overflow

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Action-Not Available
Vendor-Axiomatic Systems, LLC
Product-bento4Bento4
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-1176
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.14% / 34.12%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 05:31
Updated-11 Apr, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflow

A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The patch is named f9978defb6fab0bd8583942d97c112b0932ac814. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2011-3170
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-7.69% / 91.53%
||
7 Day CHG~0.00%
Published-19 Aug, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896.

Action-Not Available
Vendor-n/aApple Inc.
Product-cupsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0166
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-17.91% / 94.88%
||
7 Day CHG~0.00%
Published-25 Mar, 2010 | 20:31
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mozilla Firefox 3.6 before 3.6.2 on Mac OS X, when the Core Text API is used, does not properly perform certain deletions, which allows remote attackers to cause a denial of service (memory corruption and application crash) and possibly execute arbitrary code via an HTML document containing invisible Unicode characters, as demonstrated by the U+FEFF, U+FFF9, U+FFFA, and U+FFFB characters.

Action-Not Available
Vendor-n/aMozilla CorporationApple Inc.
Product-mac_os_xfirefoxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-1181
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.18% / 40.22%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 08:00
Updated-21 May, 2025 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory corruption

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 931494c9a89558acb36a03a340c01726545eef24. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-NetApp, Inc.GNU
Product-active_iq_unified_managerbinutilsontap_select_deploy_administration_utilityBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-0130
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-5.1||MEDIUM
EPSS-0.77% / 72.57%
||
7 Day CHG~0.00%
Published-29 Mar, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Core FTP before 2.2 build 1769 allow remote FTP servers to execute arbitrary code or cause a denial of service (application crash) via a long directory name in a (1) DELE, (2) LIST, or (3) VIEW command.

Action-Not Available
Vendor-coreftpn/a
Product-coreftpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-3311
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-5.1||MEDIUM
EPSS-3.06% / 86.18%
||
7 Day CHG~0.00%
Published-10 Jul, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-webex_meetings_serverwebex_meeting_centern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • Next
Details not found