CWE-125

CVE-2019-20089

February 26, 2023 by

GoPro GPMF-parser 1.2.3 has an heap-based buffer over-read in GPMF_SeekToSamples in GPMF_parse.c for the size calculation.

An issue was discovered in ezXML 0.8.3 through 0.8.6. The function ezxml_decode, while parsing a crafted XML file, performs incorrect memory handling, leading to a heap-based buffer over-read while running strchr() starting with a pointer after a ” character (where the processing of a string was finished).

CVE-2019-20011

February 26, 2023 by

An issue was discovered in GNU LibreDWG 0.92. There is a heap-based buffer over-read in decode_R13_R2000 in decode.c.

CVE-2019-20017

February 26, 2023 by

A stack-based buffer over-read was discovered in Mat_VarReadNextInfo5 in mat5.c in matio 1.5.17.

CVE-2019-20018

February 26, 2023 by

A stack-based buffer over-read was discovered in ReadNextCell in mat5.c in matio 1.5.17.

CVE-2019-20020

February 26, 2023 by

A stack-based buffer over-read was discovered in ReadNextStructField in mat5.c in matio 1.5.17.