[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250363

 
 

909

 
 

196124

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15161 Download | Alert*

Stack-based buffer overflow in dnstracer through 1.9 allows attackers to cause a denial of service or possibly have unspecified other impact via a command line with a long name argument that is mishandled in a strcpy call for argv[0]. An example threat model is a web application that launches dnstracer with an untrusted name string.

In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function . Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.

An invalid memory address dereference was discovered in the huffcode function in Freeware Advanced Audio Coder 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 2 case.

The ReadPCXImage function in coders/pcx.c in ImageMagick 7.0.4.9 allows remote attackers to cause a denial of service via a crafted file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-8862 and CVE-2016-8866.

In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove.

There is a reachable assertion abort in the function dict_add_mrset in data/dictionary.c of the libpspp library in GNU PSPP before 1.0.1 that will lead to a remote denial of service attack.

An issue was discovered in vcSetXCutTextProc in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. Missing sanitization of the client-specified message length may cause integer overflow or possibly have unspecified other impact via a specially crafted VNC packet.

The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial of service via crafted input to the SMTP parser, as exploited in the wild in November 2018.

An issue was discovered in apng2gif 1.7. There is an integer overflow resulting in a heap-based buffer overflow. This is related to the read_chunk function making an unchecked addition of 12.

cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak.


Pages:      Start    1498    1499    1500    1501    1502    1503    1504    1505    1506    1507    1508    1509    1510    1511    ..   1516

© SecPod Technologies