Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-3600

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-14 Jul, 2006 | 20:00
Updated At-07 Aug, 2024 | 18:39
Rejected At-
Credits

Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp (TunePimp) 0.4.2 allow remote user-assisted attackers to cause a denial of service (application crash) and possibly execute code via a long (1) Album release date (MBE_ReleaseGetDate), (2) data, or (3) error strings.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:14 Jul, 2006 | 20:00
Updated At:07 Aug, 2024 | 18:39
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp (TunePimp) 0.4.2 allow remote user-assisted attackers to cause a denial of service (application crash) and possibly execute code via a long (1) Album release date (MBE_ReleaseGetDate), (2) data, or (3) error strings.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/27728
vdb-entry
x_refsource_XF
http://bugs.musicbrainz.org/ticket/1764
x_refsource_MISC
http://secunia.com/advisories/21277
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1135
vendor-advisory
x_refsource_DEBIAN
http://securitytracker.com/id?1016539
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/21323
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:126
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/21106
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21027
third-party-advisory
x_refsource_SECUNIA
http://security.gentoo.org/glsa/glsa-200607-11.xml
vendor-advisory
x_refsource_GENTOO
http://www.osvdb.org/27094
vdb-entry
x_refsource_OSVDB
http://secunia.com/advisories/21026
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/18961
vdb-entry
x_refsource_BID
http://www.ubuntu.com/usn/usn-318-1
vendor-advisory
x_refsource_UBUNTU
http://www.vupen.com/english/advisories/2006/2785
vdb-entry
x_refsource_VUPEN
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27728
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://bugs.musicbrainz.org/ticket/1764
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/21277
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2006/dsa-1135
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://securitytracker.com/id?1016539
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/21323
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:126
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/21106
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21027
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-200607-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://www.osvdb.org/27094
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://secunia.com/advisories/21026
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/18961
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.ubuntu.com/usn/usn-318-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://www.vupen.com/english/advisories/2006/2785
Resource:
vdb-entry
x_refsource_VUPEN
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://exchange.xforce.ibmcloud.com/vulnerabilities/27728
vdb-entry
x_refsource_XF
x_transferred
http://bugs.musicbrainz.org/ticket/1764
x_refsource_MISC
x_transferred
http://secunia.com/advisories/21277
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2006/dsa-1135
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://securitytracker.com/id?1016539
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/21323
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:126
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/21106
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21027
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://security.gentoo.org/glsa/glsa-200607-11.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://www.osvdb.org/27094
vdb-entry
x_refsource_OSVDB
x_transferred
http://secunia.com/advisories/21026
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/18961
vdb-entry
x_refsource_BID
x_transferred
http://www.ubuntu.com/usn/usn-318-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://www.vupen.com/english/advisories/2006/2785
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27728
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://bugs.musicbrainz.org/ticket/1764
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/21277
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1135
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://securitytracker.com/id?1016539
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/21323
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:126
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/21106
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21027
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200607-11.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://www.osvdb.org/27094
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://secunia.com/advisories/21026
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/18961
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-318-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/2785
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:18 Jul, 2006 | 15:37
Updated At:03 Apr, 2025 | 01:03

Multiple stack-based buffer overflows in the LookupTRM::lookup function in libtunepimp (TunePimp) 0.4.2 allow remote user-assisted attackers to cause a denial of service (application crash) and possibly execute code via a long (1) Album release date (MBE_ReleaseGetDate), (2) data, or (3) error strings.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.05.1MEDIUM
AV:N/AC:H/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 5.1
Base severity: MEDIUM
Vector:
AV:N/AC:H/Au:N/C:P/I:P/A:P
CPE Matches
libtunepimp
libtunepimp
>>libtunepimp>>0.4.2
cpe:2.3:a:libtunepimp:libtunepimp:0.4.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://bugs.musicbrainz.org/ticket/1764cve@mitre.org
N/A
http://secunia.com/advisories/21026cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/21027cve@mitre.org
Patch
Vendor Advisory
http://secunia.com/advisories/21106cve@mitre.org
N/A
http://secunia.com/advisories/21277cve@mitre.org
Vendor Advisory
http://secunia.com/advisories/21323cve@mitre.org
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200607-11.xmlcve@mitre.org
N/A
http://securitytracker.com/id?1016539cve@mitre.org
N/A
http://www.debian.org/security/2006/dsa-1135cve@mitre.org
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:126cve@mitre.org
N/A
http://www.osvdb.org/27094cve@mitre.org
N/A
http://www.securityfocus.com/bid/18961cve@mitre.org
N/A
http://www.ubuntu.com/usn/usn-318-1cve@mitre.org
Patch
http://www.vupen.com/english/advisories/2006/2785cve@mitre.org
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27728cve@mitre.org
N/A
http://bugs.musicbrainz.org/ticket/1764af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21026af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/21027af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://secunia.com/advisories/21106af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21277af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21323af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://security.gentoo.org/glsa/glsa-200607-11.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1016539af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2006/dsa-1135af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:126af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/27094af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/18961af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/usn-318-1af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.vupen.com/english/advisories/2006/2785af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/27728af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://bugs.musicbrainz.org/ticket/1764
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/21026
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21027
Source: cve@mitre.org
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21106
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://secunia.com/advisories/21277
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21323
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200607-11.xml
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016539
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1135
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:126
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.osvdb.org/27094
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/18961
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-318-1
Source: cve@mitre.org
Resource:
Patch
Hyperlink: http://www.vupen.com/english/advisories/2006/2785
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27728
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://bugs.musicbrainz.org/ticket/1764
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21026
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21027
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21106
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21277
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21323
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200607-11.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016539
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1135
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:126
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/27094
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/18961
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-318-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Hyperlink: http://www.vupen.com/english/advisories/2006/2785
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/27728
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

65Records found
CVE-2012-2942
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-0.20% / 42.01%
||
7 Day CHG~0.00%
Published-27 May, 2012 | 20:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the trash buffer in the header capture functionality in HAProxy before 1.4.21, when global.tune.bufsize is set to a value greater than the default and header rewriting is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-haproxyn/a
Product-haproxyn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-2584
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.05% / 15.50%
||
7 Day CHG~0.00%
Published-21 Mar, 2025 | 07:31
Updated-24 Mar, 2025 | 14:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WebAssembly wabt binary-reader-interp.cc GetReturnCallDropKeepCount heap-based overflow

A vulnerability was found in WebAssembly wabt 1.0.36. It has been declared as critical. This vulnerability affects the function BinaryReaderInterp::GetReturnCallDropKeepCount of the file wabt/src/interp/binary-reader-interp.cc. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-webassemblyWebAssembly
Product-wabtwabt
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2012-0807
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-5.1||MEDIUM
EPSS-4.81% / 89.08%
||
7 Day CHG~0.00%
Published-27 Jan, 2012 | 00:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the suhosin_encrypt_single_cookie function in the transparent cookie-encryption feature in the Suhosin extension before 0.9.33 for PHP, when suhosin.cookie.encrypt and suhosin.multiheader are enabled, might allow remote attackers to execute arbitrary code via a long string that is used in a Set-Cookie HTTP header.

Action-Not Available
Vendor-hardened-phpn/a
Product-suhosinn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-2153
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.07% / 22.44%
||
7 Day CHG~0.00%
Published-10 Mar, 2025 | 14:00
Updated-12 May, 2025 | 15:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HDF5 h5 File H5SM.c H5SM_delete heap-based overflow

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

Action-Not Available
Vendor-n/aThe HDF Group
Product-hdf5HDF5
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-2148
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.07% / 20.40%
||
7 Day CHG~0.00%
Published-10 Mar, 2025 | 12:00
Updated-23 Jun, 2025 | 18:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PyTorch Tuple torch.ops.profiler._call_end_callbacks_on_jit_fut memory corruption

A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler._call_end_callbacks_on_jit_fut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult.

Action-Not Available
Vendor-pytorchn/a
Product-pytorchPyTorch
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-0840
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.16% / 37.01%
||
7 Day CHG+0.02%
Published-29 Jan, 2025 | 20:00
Updated-04 Mar, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils objdump.c disassemble_bytes stack-based overflow

A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. The identifier of the patch is baac6c221e9d69335bf41366a1c7d87d8ab2f893. It is recommended to upgrade the affected component.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-1179
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.14% / 34.88%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 07:00
Updated-03 Mar, 2025 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils ld libbfd.c bfd_putl64 memory corruption

A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer explains, that "[t]his bug has been fixed at some point between the 2.43 and 2.44 releases".

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-1182
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.14% / 34.25%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 08:31
Updated-21 May, 2025 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils ld elflink.c bfd_elf_reloc_symbol_deleted_p memory corruption

A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The patch is identified as b425859021d17adf62f06fb904797cf8642986ad. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-1178
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.16% / 37.39%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 06:31
Updated-21 May, 2025 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils ld libbfd.c bfd_putl64 memory corruption

A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 75086e9de1707281172cc77f178e7949a4414ed0. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-NetApp, Inc.GNU
Product-active_iq_unified_managerbinutilsontap_select_deploy_administration_utilityBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-1176
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.14% / 34.13%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 05:31
Updated-11 Apr, 2025 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec heap-based overflow

A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The patch is named f9978defb6fab0bd8583942d97c112b0932ac814. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-GNU
Product-binutilsBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2025-0870
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-6.3||MEDIUM
EPSS-0.08% / 24.75%
||
7 Day CHG+0.01%
Published-30 Jan, 2025 | 13:00
Updated-28 Feb, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Axiomatic Bento4 Ap4DataBuffer.h GetData heap-based overflow

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.

Action-Not Available
Vendor-Axiomatic Systems, LLC
Product-bento4Bento4
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-3170
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-5.1||MEDIUM
EPSS-7.69% / 91.53%
||
7 Day CHG~0.00%
Published-19 Aug, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The gif_read_lzw function in filter/image-gif.c in CUPS 1.4.8 and earlier does not properly handle the first code word in an LZW stream, which allows remote attackers to trigger a heap-based buffer overflow, and possibly execute arbitrary code, via a crafted stream, a different vulnerability than CVE-2011-2896.

Action-Not Available
Vendor-n/aApple Inc.
Product-cupsn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2025-1181
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-2.3||LOW
EPSS-0.18% / 40.21%
||
7 Day CHG~0.00%
Published-11 Feb, 2025 | 08:00
Updated-21 May, 2025 | 20:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
GNU Binutils ld elflink.c _bfd_elf_gc_mark_rsec memory corruption

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 931494c9a89558acb36a03a340c01726545eef24. It is recommended to apply a patch to fix this issue.

Action-Not Available
Vendor-NetApp, Inc.GNU
Product-active_iq_unified_managerbinutilsontap_select_deploy_administration_utilityBinutils
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2013-0130
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-5.1||MEDIUM
EPSS-0.77% / 72.57%
||
7 Day CHG~0.00%
Published-29 Mar, 2013 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in Core FTP before 2.2 build 1769 allow remote FTP servers to execute arbitrary code or cause a denial of service (application crash) via a long directory name in a (1) DELE, (2) LIST, or (3) VIEW command.

Action-Not Available
Vendor-coreftpn/a
Product-coreftpn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-3311
Matching Score-4
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-4
Assigner-Cisco Systems, Inc.
CVSS Score-5.1||MEDIUM
EPSS-3.06% / 86.18%
||
7 Day CHG~0.00%
Published-10 Jul, 2014 | 10:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467.

Action-Not Available
Vendor-n/aCisco Systems, Inc.
Product-webex_meetings_serverwebex_meeting_centern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • Next
Details not found