Lucene search
+L

186 matches found

NVD
NVD
added 2019/02/10 10:29 p.m.20 views

CVE-2019-7698

An issue was discovered in AP4Array::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls, a related issue to CVE-2018-20095...

6.5CVSS6.4AI score0.0121EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2019/01/31 3:49 p.m.23 views

CVE-2019-7148

An attempted excessive memory allocation was discovered in the function readlongnames in elfbegin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The maintainers...

6.5CVSS3.9AI score0.01585EPSS
Exploits1References3
AlpineLinux
AlpineLinux
added 2019/01/29 12:0 a.m.86 views

CVE-2019-7148

An attempted excessive memory allocation was discovered in the function readlongnames in elfbegin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The maintainers...

6.5CVSS6.1AI score0.01585EPSS
Exploits1
CNVD
CNVD
added 2019/01/15 12:0 a.m.5 views

libIEC61850 Resource Management Error Vulnerability (CNVD-2019-43852)

libIEC61850 is an open source library for IEC 61850. A security vulnerability exists in Memorymalloc and Memorycalloc in the hal/memory/libmemory.c file in libIEC61850 version 1.3.1. An attacker can exploit this vulnerability to cause a denial of service memory leak...

7.5CVSS6.7AI score0.01456EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2019/01/11 9:0 p.m.3 views

CVE-2018-16865

An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash...

7.5CVSS7.9AI score0.02958EPSS
Exploits2References21
CNVD
CNVD
added 2018/12/27 12:0 a.m.4 views

Bento4 Excessive Memory Allocation Vulnerability (CNVD-2019-07053)

Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. An excessive memory allocation vulnerability in the AP4DataBuffer class in Bento4 1.5.1-627 when called from AP4HvccAtom::Create in Core/Ap4HvccAtom.cpp can be exploited by an attacker to cause a denial of service...

6.5CVSS6.8AI score0.01053EPSS
Exploits1References1
Amazon
Amazon
added 2018/04/26 12:0 a.m.58 views

Critical: java-1.8.0-openjdk

Issue Overview: Unbounded memory allocation during deserialization in Container AWT, 8189989 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161...

8.3CVSS5.3AI score0.15141EPSS
Exploits0
Debian CVE
Debian CVE
added 2018/04/14 2:0 p.m.45 views

CVE-2018-10114

An issue was discovered in GEGL through 0.3.32. The geglbufferiteratereadsimple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service write access violation or possibly have unspecified other impact via a malformed PPM file, related to improper restrictions ...

8.8CVSS9.1AI score0.01928EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2018/03/20 12:0 a.m.44 views

EulerOS 2.0 SP2 : java-1.7.0-openjdk (EulerOS-SA-2018-1059)

According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the AWT component of OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java...

8.3CVSS7.1AI score0.06905EPSS
Exploits0References15
Prion
Prion
added 2018/03/07 3:29 p.m.20 views

Integer overflow

Multiple integer overflows in libgfortran might allow remote attackers to execute arbitrary code or cause a denial of service Fortran application crash via vectors related to array allocation...

7.5CVSS8.2AI score0.05678EPSS
Exploits0References5Affected Software1
RedHat Linux
RedHat Linux
added 2017/12/06 1:42 p.m.5 views

OpenJDK: unbounded memory allocation in SimpleTimeZone deserialization (Serialization, 8181323)

Vulnerability in the Java SE, JRockit component of Oracle Java SE subcomponent: Serialization. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

5.3CVSS7.4AI score0.03114EPSS
Exploits0References4
Debian CVE
Debian CVE
added 2017/10/02 5:0 a.m.49 views

CVE-2017-14988

Header::readfrom in IlmImf/ImfHeader.cpp in OpenEXR 2.2.0 allows remote attackers to cause a denial of service excessive memory allocation via a crafted file that is accessed with the ImfOpenInputFile function in IlmImf/ImfCRgbaFile.cpp. NOTE: The maintainer and multiple third parties believe tha...

5.5CVSS5.6AI score0.00963EPSS
Exploits0
OSV
OSV
added 2017/09/18 8:29 p.m.14 views

USN-3422-1 linux vulnerabilities

It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service system crash. CVE-2017-1000251 It was discovered that the asynchronous I/O aio...

8CVSS7.8AI score0.16181EPSS
Exploits17References19
Debian CVE
Debian CVE
added 2017/08/23 5:0 p.m.33 views

CVE-2017-13147

In GraphicsMagick 1.3.26, an allocation failure vulnerability was found in the function ReadMNGImage in coders/png.c when a small MNG file has a MEND chunk with a large length value...

8.8CVSS8.7AI score0.01537EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/06/21 7:29 a.m.22 views

CVE-2017-9778

GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB...

5.5CVSS6.4AI score0.01113EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2016/08/23 6:14 a.m.62 views

Moderate: Red Hat Security Advisory: qemu-kvm-rhev security update

An update for qemu-kvm-rhev is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 Icehouse for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.8CVSS7.3AI score0.00701EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2015/09/08 12:0 a.m.9 views

The vulnerability of the Firefox OS operating system allows a hacker to trigger a service failure.

The vulnerability of the SharedBufferManagerParent::RecvAllocateGrallocBuffer function in the Firefox OS operating system is related to buffer overflows caused by integer overflows. Exploiting this vulnerability could allow a malicious actor to cause service failures by setting the buffer size...

5CVSS5.8AI score0.01104EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2013/07/30 12:56 a.m.7 views

CVE-2013-4933

The netmonopen function in wiretap/netmon.c in the Netmon file parser in Wireshark 1.8.x before 1.8.9 and 1.10.x before 1.10.1 does not properly allocate memory, which allows remote attackers to cause a denial of service application crash via a crafted packet-trace file...

6.2AI score
Exploits0References16
CVE
CVE
added 2013/07/10 1:0 a.m.72 views

CVE-2013-3134

CVE-2013-3134 is a remote code execution vulnerability in the Common Language Runtime (CLR) of Microsoft .NET Framework on 64-bit platforms. The issue arises from how the CLR allocates arrays of structures, permitting an attacker to craft a .NET application that alters array data to execute arbit...

9.3CVSS7.5AI score0.2104EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2013/07/10 1:0 a.m.31 views

CVE-2013-3134

The Common Language Runtime CLR in Microsoft .NET Framework 2.0 SP2, 3.5, 3.5.1, 4, and 4.5 on 64-bit platforms does not properly allocate arrays of structures, which allows remote attackers to execute arbitrary code via a crafted .NET Framework application that changes array data, aka "Array...

7.3AI score0.2104EPSS
Exploits0References3
Rows per page
Query Builder