Search CVE reports

An integer overflow vulnerability exists in the OLE Document File Allocation Table Parser functionality of catdoc 0.95. A specially crafted malformed file can lead to heap-based memory corruption. An attacker can provide a...

A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a...

YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified

Perl threads have a working directory race condition where file operations may target unintended paths. If a directory handle is open at thread creation, the process-wide current working directory is temporarily changed in order...

jhead v3.08 was discovered to contain a heap-use-after-free via the ProcessFile function at jhead.c.

A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read...

hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5Z__filter_scaleoffset function.

hdf5 v1.14.6 was discovered to contain a heap buffer overflow via the H5VM_memcpyvv function.

Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue...

tcpreplay v4.4.4 was discovered to contain an infinite loop via the tcprewrite function at get.c.