Filtered by CWE-127

Search

Switch to Advanced Search (Beta)
Total 6 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-32050 1 Redhat 1 Enterprise Linux 2025-04-07 5.9 Medium
A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read.
CVE-2024-25629 3 C-ares, Fedoraproject, Redhat 5 C-ares, Fedora, Enterprise Linux and 2 more 2025-02-13 4.4 Medium
c-ares is a C library for asynchronous DNS requests. `ares__read_line()` is used to parse local configuration files such as `/etc/resolv.conf`, `/etc/nsswitch.conf`, the `HOSTALIASES` file, and if using a c-ares version prior to 1.27.0, the `/etc/hosts` file. If any of these configuration files has an embedded `NULL` character as the first character in a new line, it can lead to attempting to read memory prior to the start of the given buffer which may result in a crash. This issue is fixed in c-ares 1.27.0. No known workarounds exist.
CVE-2024-10395 2025-02-03 8.6 High
No proper validation of the length of user input in http_server_get_content_type_from_extension.
CVE-2022-2845 2 Fedoraproject, Vim 2 Fedora, Vim 2024-11-21 7.8 High
Improper Validation of Specified Quantity in Input in GitHub repository vim/vim prior to 9.0.0218.
CVE-2020-5360 2 Dell, Oracle 5 Bsafe Micro-edition-suite, Database, Http Server and 2 more 2024-11-21 7.5 High
Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting in undefined behaviour, or a crash of the affected systems.
CVE-2020-1918 1 Facebook 1 Hhvm 2024-11-21 7.5 High
In-memory file operations (ie: using fopen on a data URI) did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0.