166 matches found
CVE-2016-5186
Devtools in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled objects after a tab crash, which allowed a remote attacker to perform an out of bounds memory read via crafted PDF files...
chromium-browser: use after free in pdfium
A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file...
libldb: remote memory read in the Samba LDAP server
A memory-read flaw was found in the way the libldb library processed LDB DN records with a null byte. An authenticated, remote attacker could use this flaw to read heap-memory pages from the server...
libldb: remote memory read in the Samba LDAP server
A memory-read flaw was found in the way the libldb library processed LDB DN records with a null byte. An authenticated, remote attacker could use this flaw to read heap-memory pages from the server...
Oracle Linux 6 / 7 : libldb (ELSA-2016-0009)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0009 advisory. - Resolves: rhbz1290712 - CVE-2015-5330 libldb: samba: Remote memory read in Samba LDAP server rhel-7.2.z Tenable has extracted the preceding...
libldb: remote memory read in the Samba LDAP server
A memory-read flaw was found in the way the libldb library processed LDB DN records with a null byte. An authenticated, remote attacker could use this flaw to read heap-memory pages from the server...
libldb security update
1.1.13-3.1 - Resolves: rhbz1290712 - CVE-2015-5330 libldb: samba: Remote memory read in Samba LDAP server rhel-7.2.z - Remove the patch from the previous commit, it doesn't fix a remotely eploitable issue. Add patches from upstream 11636 instead...
[SECURITY] [DSA 3433-1] samba security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3433-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 02, 2016 https://www.debian.org/security/faq -...
UBUNTU-CVE-2015-8948
idn in GNU libidn before 1.33 might allow remote attackers to obtain sensitive memory information by reading a zero byte as input, which triggers an out-of-bounds read...
Security fix for the ALT Linux 7 package samba version 4.3.3-alt1
Dec. 16, 2015 Andrey Cherepanov 4.3.3-alt1 - New version https://www.samba.org/samba/history/samba-4.3.3.html - Security fixes: - CVE-2015-3223 Denial of service in Samba Active Directory server - CVE-2015-5252 Insufficient symlink verification in smbd - CVE-2015-5299 Missing access control check...
Remote memory read in Samba LDAP server.
Description All versions of Samba from 4.0.0 to 4.3.2 inclusive resp. all ldb versions up to 1.1.23 inclusive are vulnerable to a remote memory read attack in the samba daemon LDAP server. A malicious client can send packets that cause the LDAP server in the samba daemon process to return heap...
NTP ntpd Input Validation Vulnerability
ntpd Network Time Protocol daemon is an operating system daemon that uses the Network Time Protocol NTP to keep synchronized with the system time of a time server. A security vulnerability exists in the ntpcrypto.c file in ntpd in NTP 4.2.8 and earlier versions. A remote attacker could exploit th...
PT-2015-1968 · Qemu Team +5 · Qemu +5
Name of the Vulnerable Software and Affected Versions: QEMU versions prior to the version used in Xen 4.6 Xen versions 4.5.x and earlier Description: The issue is related to the C+ mode offload emulation in the RTL8139 network card device model in QEMU. It allows remote attackers to read process...
The vulnerability of the Firefox browser, which allows a hacker to read data from uninitialized memory areas
The vulnerability of the CairoTextureClientD3D9::BorrowDrawTarget function in the implementation of the Direct3D 9 browser Firefox is related to errors in the code. Exploiting this vulnerability may allow a malicious actor to read data from uninitialized memory areas remotely...
DEBIAN-CVE-2015-3237
The smbrequeststate function in cURL and libcurl 7.40.0 through 7.42.1 allows remote SMB servers to obtain sensitive information from memory or cause a denial of service out-of-bounds read and crash via crafted length and offset values...
Dnsmasq 'setup_reply()' Denial of Service Vulnerability
DNSmasq is a small and handy tool for configuring DNS and DHCP for small networks that provides DNS functionality and optional DHCP functionality. Dnsmasq suffers from a denial of service vulnerability in its implementation, which can be exploited by a remote user to read the contents of process...
UBUNTU-CVE-2014-9351
engine/server/server.cpp in Teeworlds 0.6.x before 0.6.3 allows remote attackers to read memory and cause a denial of service crash via unspecified vectors...
CVE-2014-1497
The mozilla::WaveReader::DecodeAudioData function in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive information from process heap memory, cause a denial of service out-of-bounds read and...
DEBIAN-CVE-2012-1180
Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request...
DEBIAN-CVE-2008-4314
smbd in Samba 3.0.29 through 3.2.4 might allow remote attackers to read arbitrary memory and cause a denial of service via crafted 1 trans, 2 trans2, and 3 nttrans requests, related to a "cut&paste error" that causes an improper bounds check to be performed...