124 matches found
RHEL 7 : perl (RHSA-2021:1032)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:1032 advisory. Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fixes: per...
Denial of Service in Page Error Handling
Meta CVSS: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:O/RC:C 5.5 CWE-405, CWE-674 Status: DRAFT Problem Requesting invalid or non-existing resources via HTTP triggers the page error handler which again could retrieve content to be shown as error message from another page. This leads to a...
PT-2021-14442 · Typo3 · Typo3
Name of the Vulnerable Software and Affected Versions: TYPO3 versions prior to 9.5.25 TYPO3 versions prior to 10.4.14 TYPO3 versions prior to 11.1.1 Description: The issue arises when requesting invalid or non-existing resources via HTTP, triggering the page error handler. This handler can retrie...
Moderate: Red Hat Security Advisory: perl security update
An update for perl is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
AIX 7.2 TL 3 : perl (IJ26986)
https://vulners.com/cve/CVE-2020-10543 https://vulners.com/cve/CVE-2020-10543 Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow. Perl before 5.30.3 has an integer overflow related to mishandling of a...
FTP wildcard stack overflow
libcurl offers a wildcard matching functionality, which allows a callback set with CURLOPTCHUNKBGNFUNCTION to return information back to libcurl on how to handle a specific entry in a directory when libcurl iterates over a list of all available entries. When this callback returns...
Heap Buffer Over-read
binutils:bionic is vulnerable to heap buffer over-read in dexpression1 in cp-demangle.c after many recursive calls...
Denial Of Service (DoS)
binutils:bionic is vulnerable to denial of service DoS. It is a stack consumption issue in dcounttemplatesscopes in cp-demangle.c after many recursive calls...
EulerOS Virtualization 3.0.6.0 : perl-Data-Dumper (EulerOS-SA-2020-1782)
According to the version of the perl-Data-Dumper package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to...
UBUNTU-CVE-2020-12723
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls. An application written in Perl would only be vulnerable to this flaw if it evaluates regular expressions supplied by the attacker. Evaluating regular expressions in th...
Denial Of Service (DoS)
kernel is vulnerable to denial of service DoS. The vulnerability exists when fput was called to close a socket, the scmdestroy function in the Linux kernel could make indirect recursive calls to itself...
Huawei EulerOS: Security Advisory for perl (EulerOS-SA-2019-2419)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2019-20016
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...
CVE-2019-20016
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...
UBUNTU-CVE-2019-20016
libmysofa before 2019-11-24 does not properly restrict recursive function calls, as demonstrated by reports of stack consumption in readOHDRHeaderMessageDatatype in dataobject.c and directblockRead in fractalhead.c. NOTE: a download of v0.9 after 2019-12-06 should fully remediate this issue...
CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...
CVE-2019-16088
Xpdf 3.04 has a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc...
PT-2019-14499 · Foxtan +1 · Xpdf +1
Name of the Vulnerable Software and Affected Versions: Xpdf version 3.04 Description: The issue occurs due to a SIGSEGV in XRef::fetch in XRef.cc after many recursive calls to Catalog::countPageTree in Catalog.cc. Recommendations: For Xpdf version 3.04, at the moment, there is no information abou...
CVE-2018-19838
In LibSass prior to 3.5.5, functions inside ast.cpp for IMPLEMENTASTOPERATORS expansion allow attackers to cause a denial-of-service resulting from stack consumption via a crafted sass file, as demonstrated by recursive calls involving clone, cloneChildren, and copy...
Stack overflow
An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2.40.1. Stack consumption occurs because of recursive agclose calls in lib\cgraph\graph.c in libcgraph.a, related to agfstsubg in lib\cgraph\subg.c...