31 matches found
DEBIAN-CVE-2023-45322
libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can't control when...
Mageia: Security Advisory (MGASA-2018-0027)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2019-12380
DISPUTED An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. physefisetvirtualaddressmap in arch/x86/platform/efi/efi.c and eficallphysprolog in arch/x86/platform/efi/efi64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because...
DEBIAN-CVE-2019-12380
DISPUTED An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. physefisetvirtualaddressmap in arch/x86/platform/efi/efi.c and eficallphysprolog in arch/x86/platform/efi/efi64.c mishandle memory allocation failures. NOTE: This id is disputed as not being an issue because...
CVE-2019-12380
CVE-2019-12380 is documented in multiple advisories referencing the Linux kernel EFI handling code. The connected sources specify that the vulnerability arises from how the EFI subsystem handles memory allocation failures in the x86 EFI path: phys_efi_set_virtual_address_map in arch/x86/platform/...
MGASA-2018-0027 Updated elfutils packages fix security vulnerabilities
The elfutils package has been updated to version 0.169 to fix several bugs that can lead to memory allocation failures or heap overflows CVE-2016-10254, CVE-2016-10255, CVE-2017-7607, CVE-2017-7608, CVE-2017-7609, CVE-2017-7610, CVE-2017-7611, CVE-2017-7612, CVE-2017-7613...
httpd: DoS vulnerability in mod_auth_digest
It was discovered that the modauthdigest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication...
Authentication flaw
The telnetd service in FreeBSD 9.3, 10.1, 10.2, 10.3, and 11.0 allows remote attackers to inject arguments to login and bypass authentication via vectors involving a "sequence of memory allocation failures."...
FreeBSD : ffmpeg -- multiple vulnerabilities (3d950687-b4c9-4a86-8478-c56743547af8)
NVD reports : The decodeihdrchunk function in libavcodec/pngdec.c in FFmpeg before 2.7.2 does not enforce uniqueness of the IHDR aka image header chunk in a PNG image, which allows remote attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact v...
Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-2378-1)
Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service system crash or possibly execute arbitrary code via specially crafted devices. CVE-2014-3181 Ben Hawkes reported...
Ubuntu Update for ruby1.9 vulnerability USN-691-1
Ubuntu Update for Linux kernel vulnerabilities USN-691-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6911.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for ruby1.9 vulnerability USN-691-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...