Linux kernel invalid pointer dereference vulnerability (CNVD-2018-24481)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'btrfsrootnode' function in Linux kernel version 4.17.10 and earlier. An attacker can exploit this vulnerability to cause a deni...

Linux kernel invalid pointer dereference vulnerability (CNVD-2018-24480)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A security vulnerability exists in the 'delrelocroot' function of the fs/btrfs/relocation.c file in Linux kernel versions 4.17.10 and earlier, where the vulnerable...

Memory Read Out-of-Bounds Vulnerability in TAS SG2 Software

Taian Technology Wuxi Co., Ltd. manufactures, sells and develops a range of industrial control and low voltage electrical and power distribution products, i.e. electronic and component products. A memory read out-of-bounds vulnerability exists in the SG2 software of Taian Technology. The...

CVE-2017-2668

389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...

CVE-2017-2668

389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...

Updated exempi package fixes security vulnerabilities

An issue was discovered in Exempi through 2.4.4. There is a stack-based buffer over-read in the PostScriptMetaHandler::ParsePSFile function in PostScriptHandler.cpp CVE-2018-7729. An issue was discovered in Exempi through 2.4.4. WEBPSupport.cpp does not check whether a bitstream has a NULL value,...

oniguruma: Invalid pointer dereference in left_adjust_char_head()

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in leftadjustcharhead during regular expression compilation. Invalid handling of reg-dmax in forwardsearchrange could result in an invalid pointer...

CVE-2018-10322

The xfsdinodeverify function in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service xfsilockattrmapshared invalid pointer dereference via a crafted xfs image...

DEBIAN-CVE-2018-10322

The xfsdinodeverify function in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service xfsilockattrmapshared invalid pointer dereference via a crafted xfs image...

CVE-2018-10322

The xfsdinodeverify function in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service xfsilockattrmapshared invalid pointer dereference via a crafted xfs image...

CVE-2018-10322

The xfsdinodeverify function in fs/xfs/libxfs/xfsinodebuf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service xfsilockattrmapshared invalid pointer dereference via a crafted xfs image...

CVE-2016-9570

cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial of service out-of-bounds read, invalid pointer dereference, and application crash by leveraging access to the NetMon named pipe...

CVE-2016-9570

The CVE-2016-9570 entry concerns Carbon Black (cb.exe) version 5.1.1.60603. It describes a denial-of-service condition caused by an out-of-bounds read, an invalid pointer dereference, and application crash when an attacker gains access to the NetMon named pipe. This is a network-accessible issue ...

flash-plugin: out-of-bounds read causing information leak (APSB18-01)

An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of the target buffer. The use of an invalid out-of-range pointer offset during access of internal data structure fields causes...

CVE-2017-16418

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...

CVE-2017-16411

An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the...

Design/Logic Flaw

An issue was discovered in Adobe Flash Player 27.0.0.183 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is part of AdobePSDK metadata. The use of an invalid out-of-range pointer offset during...

Updated upx package fixes security vulnerability

plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack CVE-2017-15056...

CVE-2017-15056

plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack...

DEBIAN-CVE-2017-15056

plxelf.cpp in UPX 3.94 mishandles ELF headers, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted binary file, as demonstrated by an Invalid Pointer Read in PackLinuxElf64::unpack...