Lucene search
+L

141 matches found

RubySec
RubySec
added 2022/04/05 12:0 a.m.32 views

Reallocation bug can trigger heap memory corruption

The 1.x branch and the 2.x branch of yajl contain an integer overflow which leads to subsequent heap memory corruption when dealing with large 2GB inputs. Details The reallocation logic at yajlbuf.cL64 may result in the need 32bit integer wrapping to 0 when need approaches a value of 0x80000000...

7.5CVSS1.2AI score0.03472EPSS
Exploits1References1Affected Software1
PyPA
PyPA
added 2021/11/05 8:15 p.m.6 views

PYSEC-2021-392

TensorFlow is an open source platform for machine learning. In affected versions if tf.image.resize is called with a large input argument then the TensorFlow process will crash due to a CHECK-failure caused by an overflow. The number of elements in the output tensor is too much for the int64t typ...

5.5CVSS7.2AI score0.0023EPSS
Exploits1References3Affected Software1
PyPA
PyPA
added 2021/11/05 8:15 p.m.6 views

PYSEC-2021-391

TensorFlow is an open source platform for machine learning. In affected versions if tf.tile is called with a large input argument then the TensorFlow process will crash due to a CHECK-failure caused by an overflow. The number of elements in the output tensor is too much for the int64t type and th...

5.5CVSS7.2AI score0.0023EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2021/11/05 8:15 p.m.7 views

PYSEC-2021-807

TensorFlow is an open source platform for machine learning. In affected versions if tf.image.resize is called with a large input argument then the TensorFlow process will crash due to a CHECK-failure caused by an overflow. The number of elements in the output tensor is too much for the int64t typ...

5.5CVSS6.1AI score0.0023EPSS
Exploits1References3
OSV
OSV
added 2021/11/05 8:15 p.m.3 views

PYSEC-2021-806

TensorFlow is an open source platform for machine learning. In affected versions if tf.tile is called with a large input argument then the TensorFlow process will crash due to a CHECK-failure caused by an overflow. The number of elements in the output tensor is too much for the int64t type and th...

5.5CVSS6.2AI score0.0023EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2021/06/03 10:26 a.m.11 views

python-cryptography: Large inputs for symmetric encryption can trigger integer overflow leading to buffer overflow

A buffer-overflow flaw was found in the python-cryptography package. In certain sequences of update calls when symmetrically encrypting very large payloads 2GB could result in an integer overflow, leading to buffer overflows. Note: This fix is a workaround for the OpenSSL CVE-2021-23840 flaw...

9.1CVSS7AI score0.06718EPSS
Exploits1References5
Snyk
Snyk
added 2021/04/14 8:4 p.m.4 views

Uncaught Exception

Overview std/math/big is a Go standard library package std/math/big Affected versions of this package are vulnerable to Uncaught Exception. Go Vulnerability Report: A number of math/big.Int methods can panic when provided large inputs due to a flawed division method. Remediation Upgrade...

8.7CVSS6.8AI score0.03813EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2020/11/09 12:0 a.m.35 views

go -- math/big: panic during recursive division of very large numbers; cmd/go: arbitrary code execution at build time through cgo

The Go project reports: A number of math/big.Int methods Div, Exp, DivMod, Quo, Rem, QuoRem, Mod, ModInverse, ModSqrt, Jacobi, and GCD can panic when provided crafted large inputs. For the panic to happen, the divisor or modulo argument must be larger than 3168 bits on 32-bit architectures or 633...

7.5CVSS7.7AI score0.03813EPSS
Exploits0References3
OSV
OSV
added 2019/10/14 2:15 a.m.4 views

UBUNTU-CVE-2019-17543

LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4write32 related to LZ4compressdestSize, affecting applications that call LZ4compressfast with a large input. This issue can also lead to data corruption. NOTE: the vendor states "only a few specific / uncommon usages of the API are at risk."...

8.1CVSS7.2AI score0.09116EPSS
Exploits0References5
Packet Storm
Packet Storm
added 2018/10/01 12:0 a.m.51 views

Zahir Enterprise Plus 6 Build 10b Buffer Overflow

Exploit Title: Zahir Enterprise Plus 6 build 10b - Buffer Overflow SEH Google Dork: - Date: 2018-09-28 Exploit Author: modpr0be Vendor Homepage: http://www.zahiraccounting.com/ Software Link: http://zahiraccounting.com/files/zahir-accounting-6-free-trial.zip Version: 6 build 10b - Download here:...

0.6AI score0.18968EPSS
Exploits8
Snyk
Snyk
added 2018/02/25 1:55 p.m.3 views

Regular Expression Denial of Service (ReDoS)

Overview django-cacheops is an app that supports automatic or manual queryset caching and automatic granular event-driven invalidation. Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS attacks. This can cause an impact of about 10 seconds matching tim...

3.7CVSS6.6AI score
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2017/03/23 12:0 a.m.6 views

The vulnerability of the console-based graphic editor ImageMagick, which allows a hacker to trigger a service failure

The vulnerability of the console-based graphic editor ImageMagick is caused by a numerical overflow. Exploiting this vulnerability allows an attacker, operating remotely, to cause a service failure termination of the application by sending large input data...

5CVSS7.5AI score0.04566EPSS
Exploits0References5
CNVD
CNVD
added 2017/03/20 12:0 a.m.4 views

Capstone Integer Overflow Vulnerability

Capstone is a set of cross-platform disassembly framework of the U.S. Capstone company , it can support for binary analysis and reverse engineering of secure communications , etc. . An integer overflow vulnerability exists in the cswinkernelmalloc function in the winkernelmm.c file in Capstone...

8.8CVSS6.9AI score0.01245EPSS
Exploits0References1
OSV
OSV
added 2015/08/24 2:59 p.m.3 views

DEBIAN-CVE-2014-6272

Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the 1 evbufferadd, 2...

7.5CVSS9.9AI score0.02084EPSS
Exploits0References1
OSV
OSV
added 2015/08/24 2:59 p.m.4 views

UBUNTU-CVE-2015-6525

Multiple integer overflows in the evbuffer API in Libevent 2.0.x before 2.0.22 and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the 1 evbufferadd, 2 evbufferprepend, 3 evbufferexpand...

7.5CVSS7.5AI score0.04813EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/01/12 12:0 a.m.38 views

FreeBSD : libevent -- integer overflow in evbuffers (daa8a49b-99b9-11e4-8f66-3085a9a4510d)

Debian Security Team reports : Andrew Bartlett of Catalyst reported a defect affecting certain applications using the Libevent evbuffer API. This defect leaves applications which pass insanely large inputs to evbuffers open to a possible heap overflow or infinite loop. In order to exploit this...

7.5CVSS8.3AI score0.02084EPSS
Exploits0References2
OSV
OSV
added 2015/01/06 12:0 a.m.6 views

UBUNTU-CVE-2014-6272

Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the 1 evbufferadd, 2...

7.5CVSS7.5AI score0.02084EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2014/08/23 12:0 a.m.18 views

Fedora 20 : php-htmlpurifier-htmlpurifier-4.6.0-1.fc20 (2014-9361)

HTML Purifier 4.6.0 is a major security release, fixing numerous bad quadratic asymptotics in HTML Purifier's core algorithms. Most users will see a decent speedup on large inputs, although small inputs may take longer. Additionally, the secure URI munging algorithm has changed to do a proper HMA...

5.5AI score
Exploits0References2
RedHat Linux
RedHat Linux
added 2009/05/22 12:6 p.m.3 views

freetype: multiple integer overflows

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in 1 smooth/ftsmooth.c, 2 sfnt/ttcmap.c, and 3 cff/cffload.c...

7.5CVSS6.2AI score0.08541EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/05/22 12:6 p.m.6 views

freetype: multiple integer overflows

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in 1 smooth/ftsmooth.c, 2 sfnt/ttcmap.c, and 3 cff/cffload.c...

7.5CVSS6.2AI score0.08541EPSS
Exploits1References4
Rows per page
Query Builder