73 matches found
SUSE CVE-2016-4003
Cross-site scripting XSS vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter...
SUSE CVE-2022-0934
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...
The vulnerability of the URLDecoder class implementation in the Java Runtime Environment and the Java Development Kit application development tools allows attackers to perform cross-site scripting attacks.
The vulnerability of the URLDecoder class implementation in the Java Runtime Environment and the Java Development Kit for application development is related to the use of single-byte encoding for pages. Exploiting this vulnerability allows a remote attacker to perform cross-page scripting attacks...
ALPINE-CVE-2022-0934
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...
DEBIAN-CVE-2022-0934
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...
Design/Logic Flaw
A single-byte, non-arbitrary write/use-after-free flaw was found in dnsmasq. This flaw allows an attacker who sends a crafted packet processed by dnsmasq, potentially causing a denial of service...
The vulnerability of the nfnetlink_queue module in Linux operating systems, related to incorrect handling of verdicts with a single-byte attribute nfta_payload, allows a perpetrator to trigger a service failure.
The vulnerability of the nfnetlinkqueue module in Linux operating systems is related to incorrect handling of verdicts with a single-byte attribute named nftapayload. Exploiting this vulnerability allows an attacker to cause service failures remotely...
Huawei EulerOS: Security Advisory for dnsmasq (EulerOS-SA-2022-1962)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GHSA-M3X6-9V6H-4G28 Cross-site Scripting in Apache Struts
Cross-site scripting XSS vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter...
CLSA-2022-1648149396 Fix CVE(s): CVE-2021-3999
SECURITY UPDATE: single byte buffer underflow and overflow - debian/patches/any/CVE-2021-3999.patch: reject buffer of size 1 and return NULL with errno set to ERANGE - CVE-2021-3999...
CLSA-2022-1648149189 Fix of CVE: CVE-2021-3999
CVE-2021-3999: single byte buffer overflow and overflow in getcwd...
CLSA-2022-1648138117 Fix of CVE: CVE-2021-3999
CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd...
CLSA-2022-1648138064 Fixed CVE-2021-3999 in glibc
CVE-2021-3999: fix single byte buffer overflow and overflow in getcwd...
CVE-2007-5199
A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact...
CVE-2007-5199
A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact...
CVE-2007-5199
A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact...
OpenJPEG Single Byte Overflow Vulnerability
OpenJPEG library is written in C language open source JPEG 2000 codec . OpenJPEG 2.1.2 suffers from a single-byte overflow vulnerability in the openjp2/pi.c:523 opjpinextcprl function, which can lead to a denial of service...
Mozilla Firefox Denial of Service Vulnerability (CNVD-2015-08319)
Mozilla Firefox is an open source web browser developed by the Mozilla Foundation in the United States. A security vulnerability exists in the HTTP/2 implementation of Mozilla Firefox prior to version 43.0. A remote attacker can exploit this vulnerability to cause a denial of service integer...
UBUNTU-CVE-2015-7218
The HTTP/2 implementation in Mozilla Firefox before 43.0 allows remote attackers to cause a denial of service integer underflow, assertion failure, and application exit via a single-byte header frame that triggers incorrect memory allocation...
Wireshark 'pcapng.c' Denial of Service Vulnerability
Wireshark is an open source network protocol analysis tool. The pcapngread function in Wireshark wiretap/pcapng.c handles malicious messages with a single-byte overflow error, allowing an attacker to exploit a vulnerability by submitting a special message to crash the application...