Vulnerabilities tagged "overflow"

Information and PoC about the ENLBufferPwn vulnerability

Straight-forward issue, but kinda fun as it impacts the network code in several first-part Nintendo games across multiple consoles (3DS, Wii U, Switch).The `NetworkBuffer` in the network library has two methods `Add` and `Set` which are used to fill the backing buffer with data from the network...

Integer Overflow in SQLite Leading to Stack-based Buffer Overflow

An integer overflow in SQLite's `sqlite3_str_vappendf`, large inputs when dealing with `q` `Q` or `w` format specifiers (unique to SQLite's implementation of `printf` used to escape quotes).In calculating the maximum buffer once escapes have been added the size may overflow to a negative value leading to SQLite using a 70byte (by default) stack allocated buffer...

Integer Overflow Leading to Buffer Overflow in "Official" SHA-3 Implementation

An integer overflow in the official SHA-3 implementation as used by PHP, Python, Ruby and I'm sure other places.When updating a block that already has some data in it, it will try to calculate if the new partial block bytes will go out of bounds, it makes the classic mistake of adding the current index and the length of new data, then just checking if it is lower than a bounding value...