[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

256288

 
 

909

 
 

199146

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 15266 Download | Alert*

The caml_ba_deserialize function in byterun/big array.c in the standardlibrary in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service or possibly execute arbitrary code via a crafted object.

An issue was discovered in zziplib-bin 0.13.68. There is a memory leak triggered in the function zzip_mem_disk_new in memdisk.c, which will lead to a denial of service attack.

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function . Remote attackers could leverage this vulnerability to cause a denial of service via an image file with a crafted bit-field mask value.

An issue was discovered in GEGL through 0.3.32. Thegegl_buffer_iterate_read_simple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service or possibly have unspecified other impact via a malformed PPM file, related to improper restrictions on memory allocation in the ppm_load_read_header function in operations/external/ppm-load.c.

Netwide Assembler 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value.

nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This attack appear to be exploitable via a crafted nasm input file.

Integer overflow in the index.c:read_entry function while decompressing a compressed prefix length in libgit2-dev before v0.26.2 allows an attacker to cause a denial of service via a crafted repository index file.

The html package through 2018-09-25 in Go mishandles<table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification.

An issue was discovered in login 4.5. new gidmap is setuid and allows an unprivileged user to be placed in a user namespace where setgroups is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" to restrict access to paths. This flaw effectively reverts a security ...

Incorrect returning of an error code in the index.c:read_entry function leads to a double free in libgit2-dev before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file.


Pages:      Start    637    638    639    640    641    642    643    644    645    646    647    648    649    650    ..   1526

© SecPod Technologies