5150 matches found
UBUNTU-CVE-2017-16932
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities...
CVE-2017-16932
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities...
Xen: unbounded recursion in pagetable de-typing (CVE-2017-15595)
Xen allows pagetables of the same level to map each other as readonly in PV domains. This is useful if a guest wants to use the self-referential pagetable trick for easy access to pagetables by mapped virtual address. When cleaning up a pagetable after the last typed reference to it has been...
Adobe Acrobat and Reader Stack Exhaustion (APSB17-36: CVE-2017-16419)
A stack exhaustion vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to incorrect control of the amount of recursion that can happen. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file. Successful exploitation could...
DEBIAN-CVE-2017-16803
In Libav through 11.11 and 12.x through 12.1, the smackerdecodetree function in libavcodec/smacker.c does not properly restrict tree recursion, which allows remote attackers to cause a denial of service (bitstream.c:buildtable out-of-bounds read and application crash) via a crafted Smacker stream...
thrift: Infinite recursion via vectors involving the skip function
A vulnerability was discovered in Apache Thrift client libraries that allows remote, authenticated attackers to cause an infinite recursion via vectors involving the skip function, resulting in a denial of service (DoS) condition...
DEBIAN-CVE-2017-15377
In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found;...
UBUNTU-CVE-2017-15377
In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found;...
CVE-2017-15377
In Suricata before 4.x, it was possible to trigger lots of redundant checks on the content of crafted network traffic with a certain signature, because of DetectEngineContentInspection in detect-engine-content-inspection.c. The search engine doesn't stop when it should after no match is found;...
Adobe Flash Player Infinite Recursion Arbitrary Read Access Violation (CVE-2016-4132)
SUMMARY A potentially exploitable read access violation vulnerability exists in the way Adobe Flash Player handles infinitely recursive calls. Specially crafted ActionScript code can cause a read access violation which can potentially be further abused. To trigger this vulnerability user...
Xen Hypervisor Pagetable De-typing Recursion Handling Guest-to-Host DoS (XSA-240)
According to its self-reported version number, the Xen hypervisor installed on the remote host is affected by a stack overflow vulnerability that is triggered when recursion is not properly handled when de-typing linear pagetables. By stacking multiple layers of page tables, an attacker within a...
ALPINE-CVE-2017-15595
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking...
CVE-2017-15595
An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service (unbounded recursion, stack consumption, and hypervisor crash) or possibly gain privileges via crafted page-table stacking...
Xen - Unbounded Recursion in Pagetable De-typing Vulnerability
Exploit for linux platform in category dos / poc. Xen allows pagetables of the same level to map each other as readonly in PV domains. This is useful if a guest wants to use the self-referential pagetable trick for easy access to pagetables by mapped virtual address. When cleaning up a pagetable...
Xen - Pagetable De-typing Unbounded Recursion
Xen allows pagetables of the same level to map each other as readonly in PV domains. This is useful if a guest wants to use the self-referential pagetable trick for easy access to pagetables by mapped virtual address. When cleaning up a pagetable after the last typed reference to it has been...
Xen - Pagetable De-typing Unbounded Recursion
Xen allows pagetables of the same level to map each other as readonly in PV domains. This is useful if a guest wants to use the self-referential pagetable trick for easy access to pagetables by mapped virtual address. When cleaning up a pagetable afte...
CVE-2017-15024
findabstractinstancename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file...
CVE-2015-7391
Multiple cross-site scripting (XSS) vulnerabilities in TestLink before 1.9.14 allow remote attackers to inject arbitrary web script or HTML via the (1) selectedenddate or (2) selectedstartdate parameter to lib/results/tcCreatedPerUserOnTestProject.php; the (3) containerType parameter to...
SUSE-SU-2017:2555-1 Security update for wireshark
This update for wireshark to version 2.2.9 fixes several issues. These security issues were fixed:
- CVE-2017-13767: The MSDP dissector could have gone into an infinite loop. This was addressed by adding length validation (bsc1056248).
- CVE-2017-13766: The Profinet I/O dissector could have crash...