Denial Of Service (DoS)

spray-json is vulnerable to denial of service. An attacker is able to create an object with colliding keys to cause high resource consumption when HashMap creates a map, resulting in a denial of service condition when parsing multiple JSON object fields with the same hash code...

hashmap-mining.com XSS vulnerability

Open Bug Bounty ID: OBB-594838 Description| Value ---|--- Affected Website:| hashmap-mining.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Denial Of Service (DoS)

runtime/hashmap in github.com/golang/go is vulnerable to denial of service DoS attacks. The vulnerability exists because it uses uintptr in overLoadFactor of hashmap.go. With large number of potential buckets, a malicious user or a coding error can cause an infinite loop via overflow in 32-bit...

openSUSE Security Update : Firefox 46.0 (openSUSE-2016-566) (SWEET32)

This update to Mozilla Firefox 46.0 fixes several security issues and bugs boo977333. The following vulnerabilities were fixed : - CVE-2016-2804: Miscellaneous memory safety hazards - MFSA 2016-39 boo977373 - CVE-2016-2806: Miscellaneous memory safety hazards - MFSA 2016-39 boo977375 -...

SUSE SLED12 / SLES12 Security Update : MozillaFirefox (SUSE-SU-2016:1258-1)

This update to MozillaFirefox 38.8.0 ESR fixes the following issues bsc977333 : - CVE-2016-2805: Miscellaneous memory safety hazards - MFSA 2016-39 bsc977374 - CVE-2016-2807: Miscellaneous memory safety hazards - MFSA 2016-39 bsc977376 - CVE-2016-2814: Buffer overflow in libstagefright with CENC...

SUSE: Security Advisory for MozillaFirefox (SUSE-SU-2016:1258-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla: Write to invalid HashMap entry through JavaScript.watch() (MFSA 2016-47)

The watch implementation in the JavaScript engine in Mozilla Firefox before 46.0, Firefox ESR 38.x before 38.8, and Firefox ESR 45.x before 45.1 allows remote attackers to execute arbitrary code or cause a denial of service generation-count overflow, out-of-bounds HashMap write access, and...

Write to invalid HashMap entry through JavaScript.watch() — Mozilla

The CESG, the Information Security Arm of GCHQ, reported that the JavaScript .watch method could be used to overflow the 32-bit generation count of the underlying HashMap, resulting in a write to an invalid entry. Under the right conditions this write could lead to arbitrary code execution. The...

Apple Mac OSX - Kernel Use-After-Free and Double Delete Due to Incorrect Locking in Intel GPU Driver

Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=708 The external methods IGAccelGLContext::unmapusermemory and IGAccelCLContext::unmapusermemory take an 8 byte struct input which is a user-space pointer previously passed to the...

CVE-2014-3171

Removed by vendor...

CVE-2014-3171

Use-after-free vulnerability in the V8 bindings in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper use of HashMap add operations instead of HashMap set operations, related to...

CVE-2014-3171

CVE-2014-3171 is a use-after-free in Chrome’s Blink V8 bindings (HashMap add vs set) that affects the rendering engine’s V8 integration. The issue resides in bindings/core/v8/DOMWrapperMap.h and bindings/core/v8/SerializedScriptValue.cpp and, if exploited, can lead to a denial of service; remedia...

UBUNTU-CVE-2014-3171

Use-after-free vulnerability in the V8 bindings in Blink, as used in Google Chrome before 37.0.2062.94, allows remote attackers to cause a denial of service or possibly have unspecified other impact by leveraging improper use of HashMap add operations instead of HashMap set operations, related to...

Scientific Linux Security Update : java-1.6.0-openjdk on SL5.x, SL6.x i386/srpm/x86_64 (20140721)

It was discovered that the Hotspot component in OpenJDK did not properly verify bytecode from the class files. An untrusted Java application or applet could possibly use these flaws to bypass Java sandbox restrictions. CVE-2014-4216, CVE-2014-4219 A format string flaw was discovered in the Hotspo...

Important: Red Hat Security Advisory: java-1.6.0-openjdk security and bug fix update

Updated java-1.6.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which...

java security update

CentOS Errata and Security Advisory CESA-2014:0907 Updated java-1.6.0-openjdk packages that fix multiple security issues and one bug are now available for Red Hat Enterprise Linux 5, 6, and 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common...

Scientific Linux Security Update : sblim-cim-client2 on SL6.x (20120620)

The SBLIM Standards-Based Linux Instrumentation for Manageability CIM Common Information Model Client is a class library for Java applications that provides access to CIM servers using the CIM Operations over HTTP protocol defined by the DMTF Distributed Management Task Force standards. It was...

CentOS 6 : sblim-cim-client2 (CESA-2012:0987)

Updated sblim-cim-client2 packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, i...

Fedora 12 : libHX-3.6-1.fc12 / pam_mount-2.5-1.fc12 (2010-13155)

Update to libHX 3.6 fixing a buffer overflow in HXsplit: http://libhx.gi t.sourceforge.net/git/gitweb.cgi?p=libhx/libhx;a=commitdiff;h=904a46f9 0d pammount v2.5 August 10 2010 =============================== Changes: - mount.crypt: fix incorrect processing of binary files in keyfile passthrough -...