The ASN1_STRING_print_ex function in OpenSSL before 0.9.8k allows remote attackers to cause a denial of service (invalid memory access and application crash) via vectors that trigger printing of a (1) BMPString or (2) UniversalString with an invalid encoded length.

...

OPENSUSE-SU-2020:0021-1 Security update for dia

This update for dia fixes the following issue: - CVE-2019-19451: Fixed an endless loop on filenames with invalid encoding bsc1158194. This update was imported from the SUSE:SLE-15:Update update project...

MGASA-2020-0022 Updated dia packages fix security vulnerability

Updated dia package fixes security vulnerability: An endless loop on filenames with invalid encoding CVE-2019-19451...

SUSE SLED12 Security Update : dia (SUSE-SU-2019:3390-1)

This update for dia fixes the following issue : CVE-2019-19451: Fixed an endless loop on filenames with invalid encoding bsc1158194. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically...

SUSE-SU-2019:3391-1 Security update for dia

This update for dia fixes the following issue: - CVE-2019-19451: Fixed an endless loop on filenames with invalid encoding bsc1158194...

SUSE-SU-2019:3390-1 Security update for dia

This update for dia fixes the following issue: - CVE-2019-19451: Fixed an endless loop on filenames with invalid encoding bsc1158194...

UBUNTU-CVE-2019-19451

When GNOME Dia before 2019-11-27 is launched with a filename argument that is not a valid codepoint in the current encoding, it enters an endless loop, thus endlessly writing text to stdout. If this launch is from a thumbnailer service, this output will usually be written to disk via the system's...

ZNC < 1.7.3-rc1 DoS Vulnerability

an ZNC IRC bouncer is prone to a Denial of Service vulnerability. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free...

ALPINE-CVE-2019-10691

The JSON encoder in Dovecot before 2.3.5.2 allows attackers to repeatedly crash the authentication service by attempting to authenticate with an invalid UTF-8 sequence as the username...

OPENSUSE-SU-2019:1166-1 Security update for znc

This update for znc to version 1.7.2 fixes the following issue: Security issue fixed: - CVE-2019-9917: Fixed an issue where due to invalid encoding znc was crashing bsc1130360...

CVE-2019-9917

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service crash via invalid encoding...

Design/Logic Flaw

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service crash via invalid encoding...

ALPINE-CVE-2019-9917

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service crash via invalid encoding...

CVE-2019-9917

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service crash via invalid encoding...

DEBIAN-CVE-2019-9917

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service crash via invalid encoding...

CVE-2019-9917

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service crash via invalid encoding...

CVE-2019-9917

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service crash via invalid encoding...

CVE-2019-9917

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service crash via invalid encoding...

UBUNTU-CVE-2019-9917

ZNC before 1.7.3-rc1 allows an existing remote user to cause a Denial of Service crash via invalid encoding...

Invalid Encoding

libcurl.so is vulnerable to invalid encoding. The library does not properly parse the authority component of the URL in a curl request, causing the request to be sent to a different URL...