CVE-2015-8270

The AMF3ReadString function in amf.c in RTMPDump 2.4 allows remote RTMP Media servers to cause a denial of service invalid pointer dereference and process crash...

389-ds-base: Remote crash via crafted LDAP messages

An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...

Scientific Linux Security Update : 389-ds-base on SL6.x i386/x86_64 (20170411)

Security Fixes : - An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service. CVE-2017-2668 Bug Fixes : -...

389 security update

CentOS Errata and Security Advisory CESA-2017:0893 An update for 389-ds-base is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

389-ds-base: Remote crash via crafted LDAP messages

An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd crash via a specially crafted LDAP bind request, resulting in denial of service...

shopify-scripts: Invalid Pointer reference in L_RESCUE

@ssarong reported an input that triggers an out-of-bounds read: https://github.com/mruby/mruby/issues/3603 This issue was addressed upstream in https://github.com/mruby/mruby/commit/761493934e19d1a6edea53e9fbdb39eb78ef898e...

shopify-scripts: Invalid pointer dereference in OP_ENTER

PoC === The following demonstrates a mruby/sandbox crash: def methodmissing end send...

shopify-scripts: Use-after-free leading to an invalid pointer dereference

PoC === The following code demonstrates a crash: class A rescue Struct.new.new.toh end end Discussion ========== mruby crashes due to an invalid pointer dereference in vm.c:1692: 1689│ LRESCUE: 1690│ if ci-ridx == 0 goto LSTOP; 1691│ proc = ci-proc; 1692├ irep = proc-body.irep; gdb print ci-proc ...

CVE-2016-9082

Integer overflow in the writepng function in cairo 1.14.6 allows remote attackers to cause a denial of service invalid pointer dereference via a large svg file...

CVE-2016-9082

Integer overflow in the writepng function in cairo 1.14.6 allows remote attackers to cause a denial of service invalid pointer dereference via a large svg file...

CVE-2016-9082

Integer overflow in the writepng function in cairo 1.14.6 allows remote attackers to cause a denial of service invalid pointer dereference via a large svg file...

CVE-2016-9082

CVE-2016-9082 affects the Cairo graphics library, specifically the write_png function in Cairo 1.14.6. An integer overflow can be triggered by a large SVG file, leading to a denial of service via an invalid pointer dereference. The provided sources confirm the vulnerability exists in Cairo 1.14.6...

CVE-2016-9082

Integer overflow in the writepng function in cairo 1.14.6 allows remote attackers to cause a denial of service invalid pointer dereference via a large svg file...

Denial Of Service (DoS) Via Invalid Free

libplist is vulnerable to denial of service DoS attacks. The vulnerability exists as it is possible to reach a state where plistfree is used to free an invalid pointer...

CVE-2016-7914

The assocarrayinsertintoterminalnode function in lib/assocarray.c in the Linux kernel before 4.5.3 does not check whether a slot is a leaf, which allows local users to obtain sensitive information from kernel memory or cause a denial of service invalid pointer dereference and out-of-bounds read v...

NVIDIA Windows GPU Display Driver Local Elevation of Privilege Vulnerability

NVIDIA Windows GPU Display Driver is a set of graphics processor GPU graphics card drivers for Windows from NVIDIA. The NVIDIA Windows GPU Display Driver local elevation of privilege vulnerability stems from the program failing to properly validate pointers. A local attacker could use this...

CVE-2016-9082

Integer overflow in the writepng function in cairo 1.14.6 allows remote attackers to cause a denial of service invalid pointer dereference via a large svg file...

Amazon Linux AMI : php70 (ALAS-2016-754)

ext/mysqlnd/mysqlndwireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNEDFLAG flag, which allows remote MySQL servers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted field metadata...

Linux kernel denial of service vulnerability (CNVD-2016-09458)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the arch/arm64/kernel/perfevent.c file in versions of Linux kernel prior to 4.1 on arm64-based platforms. A local attacker can...

Amazon Linux AMI : php56 (ALAS-2016-753)

ext/standard/varunserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via an unserialize call that references a partially constructed object...