The DBD::mysql module through 4.043 for Perl allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering certain error responses from a MySQL server or a loss of a network connection to a MySQL server. The use-after-free defect was introduced by relying on incorrect Oracle mysql_stmt_close documentation and code examples.
Jasig phpCAS version 1.3.4 is vulnerable to an authentication bypass in the validateCAS20 function when configured to authenticate against an old CASserver.
In ncurses-bin 6.0, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.
In ncurses-bin 6.0, there is an attempted 0xffffffffffffffff access in the append_acs function of tinfo/parse_entry.c. It could lead to a remote denial of service attack if the terminfo library code is used to process untrusted terminfo data.
The resample_gauss function in resample.c in TiMidity++ 2.14.0 allow sremote attackers to cause a denial of service via a crafted mid file. NOTE: a crash might be relevant when using the--background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a setuid-root installation.
The insert_note_steps function in readmidi.c in TiMidity++ 2.14.0 allow sremote attackers to cause a denial of service via a crafted mid file. NOTE: a crash might be relevant when using the --background option.