5150 matches found
CVE-2018-5772
An unbounded recursion flaw was found in the way Exiv2 handled certain image files. An attacker could potentially use this flaw to crash the exiv2 CLI utility program by tricking it into processing crafted input files...
bind: Improper fetch cleanup sequencing in the resolver can cause named to crash
A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion...
bind: Improper fetch cleanup sequencing in the resolver can cause named to crash
A use-after-free flaw leading to denial of service was found in the way BIND internally handled cleanup operations on upstream recursion fetch contexts. A remote attacker could potentially use this flaw to make named, acting as a DNSSEC validating resolver, exit unexpectedly with an assertion...
Stack overflow
jQuery 3.0.0-rc.1 is vulnerable to Denial of Service DoS due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit...
CVE-2016-10707
jQuery 3.0.0-rc.1 is vulnerable to Denial of Service DoS due to removing a logic that lowercased attribute names. Any attribute getter using a mixed-cased name for boolean attributes goes into an infinite recursion, exceeding the stack call limit...
CVE-2018-5772
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file...
CVE-2018-5772
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file...
PYSEC-2018-145
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file...
PYSEC-2018-145
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file...
CVE-2018-5772
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file...
CVE-2018-5772
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted tif file...
PT-2018-17137 · Exiv2 +2 · Exiv2 +2
Name of the Vulnerable Software and Affected Versions: Exiv2 version 0.26 Description: The issue is caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function, located in the image.cpp file. This can be exploited by remote attackers to cause a denial of service using a craft...
PT-2018-4879 · Jquery · Jquery
Name of the Vulnerable Software and Affected Versions: jquery versions 3.0.0-rc.1 Description: The issue arises due to the removal of logic that lowercased attribute names, leading to an infinite recursion when attribute getters use mixed-cased names for boolean attributes. This results in...
UBUNTU-CVE-2017-3145
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1...
CVE-2017-3145
BIND was improperly sequencing cleanup operations on upstream recursion fetch contexts, leading in some cases to a use-after-free error that can trigger an assertion failure and crash in named. Affects BIND 9.0.0 to 9.8.x, 9.9.0 to 9.9.11, 9.10.0 to 9.10.6, 9.11.0 to 9.11.2, 9.9.3-S1 to 9.9.11-S1...
Fedora 27 : xen (2017-c432db2971)
xen: various flaws 1501391 multiple MSI mapping issues on x86 XSA-237 DMOP map/unmap missing argument checks XSA-238 hypervisor stack leak in x86 I/O intercept code XSA-239 Unlimited recursion in linear pagetable de-typing XSA-240 Stale TLB entry due to page type release race XSA-241 page type...
CVE-2018-5336
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth...
ALPINE-CVE-2018-5336
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth...
CVE-2018-5336
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth...
UBUNTU-CVE-2018-5336
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by limiting the recursion depth...