1171 matches found
Medium: php70
Issue Overview: ext/mysqlnd/mysqlndwireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNEDFLAG flag, which allows remote MySQL servers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted...
CVE-2016-6692
drivers/video/msm/mdss/mdssmdppp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933...
CVE-2016-6692
drivers/video/msm/mdss/mdssmdppp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933...
CVE-2015-8955
arch/arm64/kernel/perfevent.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service invalid pointer dereference via vectors involving events that are mishandled during a span of multiple HW PMUs...
CVE-2016-6692
drivers/video/msm/mdss/mdssmdppp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933...
CVE-2015-8955
arch/arm64/kernel/perfevent.c in the Linux kernel before 4.1 on arm64 platforms allows local users to gain privileges or cause a denial of service invalid pointer dereference via vectors involving events that are mishandled during a span of multiple HW PMUs...
Updated freerdp packages fix security vulnerabilities
FreeRDP could crash due to a NULL or invalid pointer CVE-2013-4118, CVE-2013-4119...
Google Chrome Denial of Service Vulnerability (CNVD-2016-08230)
Google Chrome is a web browser developed by the American company Google Google. A denial of service vulnerability exists in Google Chrome versions prior to 53.0.2785.113. A remote attacker can exploit this vulnerability by accessing the renderer process to cause a denial of service invalid pointe...
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=866 The following crash was observed in Microsoft PowerPoint 2010 running under Windows 7 x86 with application verifier enabled. File versions are: mso.dll: 14.0.7166.5000...
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference
Microsoft Office PowerPoint 2010 - Invalid Pointer Reference Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=866 The following crash was observed in Microsoft PowerPoint 2010 running under Windows 7 x86 with application verifier enabled. File versions are: mso.dll: 14.0.7166.500...
CVE-2016-7418
The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid pointer access and out-of-bounds read or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document,...
CVE-2016-7418
The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid pointer access and out-of-bounds read or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document,...
CVE-2016-7418
The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid pointer access and out-of-bounds read or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document,...
ObiHai ObiPhone 10321062 5-0-0-3497 - Multiple Vulnerabilities
ObiHai ObiPhone 10321062 5-0-0-3497 - Multiple Vulnerabilities ObiHai ObiPhone - Multiple Vulnerabilities ------------------------------------------ Introduction ============ Multiple vulnerabilities were discovered in the web management interface of the ObiHai ObiPhone products. The...
Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)
Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads MS16-097 Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=826 The GDI+ library can handle bitmaps originating from untrusted sources through a variety of attack vectors, like EMF files, whi...
Microsoft Windows - GDI+ ValidateBitmapInfo Invalid Pointer Arithmetic Out-of-Bounds Reads (MS16-097)
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=826 The GDI+ library can handle bitmaps originating from untrusted sources through a variety of attack vectors, like EMF files, which may embed bitmaps in records such as EMRPLGBLT, EMRBITBLT, EMRSTRETCHBLT, EMRSTRETCHDIBITS etc. I...
FreeBSD : FreeBSD -- Multiple vulnerabilities in file(1) and libmagic(3) (70140f20-6007-11e6-a6c3-14dae9d210b8)
A specifically crafted Composite Document File CDF file can trigger an out-of-bounds read or an invalid pointer dereference. CVE-2012-1571 A flaw in regular expression in the awk script detector makes use of multiple wildcards with unlimited repetitions. CVE-2013-7345 A malicious input file could...
CVE-2015-0573
drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to cause a denial of service invalid pointer dereference or possibly have unspecified other...
CVE-2015-0573
drivers/media/platform/msm/broadcast/tsc.c in the TSC driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to cause a denial of service invalid pointer dereference or possibly have unspecified other...
nginx: invalid pointer dereference in resolver
It was discovered that nginx could perform an out of bound read and dereference an invalid pointer when resolving CNAME DNS records. An attacker able to manipulate DNS responses received by nginx could use this flaw to cause a worker process to crash if nginx enabled the resolver in its...