1297 matches found
Microsoft Windows OLE Remote Code Execution (MS16-044: CVE-2016-0153)
A vulnerability was identified in Microsoft Word while processing an embedded object within a word document that could lead to a stack memory corruption. The Stack Corruption occures in ole32!OleRegEnumVerbs Functionis with an out of bound write...
CVE-2016-2563
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service stack memory corruption or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request...
Stack overflow
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service stack memory corruption or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request...
CVE-2016-2563
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service stack memory corruption or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request...
CVE-2016-2563
Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service stack memory corruption or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request...
CVE-2014-9769
pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...
PCRE pcre_jit_compile.c Denial of Service Vulnerability
PCRE is a Perl library that includes a perl-compatible regular expression library. PCRE version 8.35 pcrejitcompile.c fails to properly optimize nested substitutions using table jumps. A remote attacker could utilize the constructed strings to cause a denial of service stack memory corruption...
Tor: Overreads/overcopies in torsocks
First off, I know torsocks isn't in scope, so I don't expect anything in return for this. I happened to stumble upon this so why not report it. However if you feel generous you're welcome to give me bounty/swag ofcourse :P. Here 16 bytes instead of 4 are copied, thereby copying 12 bytes of...
Memory corruption
pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...
CVE-2014-9769
pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...
CVE-2014-9769
pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...
CVE-2014-9769
CVE-2014-9769 targets the PCRE library (PCRE 8.35) with a flaw in pcre_jit_compile.c where table jumps are not used correctly for nested alternatives. This can allow remote attackers to trigger a denial of service (stack memory corruption/segfault) via a crafted string observed in Suricata/Open R...
CVE-2014-9769
pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...
CVE-2014-9769
pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...
CVE-2016-1956
Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service memory consumption or stack memory corruption by triggering use of a WebGL shader...
QEMU Denial of Service Vulnerability (CNVD-2016-01541)
QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. QEMU has a security vulnerability. Due to an error in the program's handling of requests for random number generation entropy. A local attacker exploited the...
CVE-2016-1977
The Machine::Code::decoder::analysis::setref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via a crafted Graphite smart font...
CVE-2016-1956
Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service memory consumption or stack memory corruption by triggering use of a WebGL shader...
FreeBSD : jasper -- multiple vulnerabilities (006e3b7c-d7d7-11e5-b85f-0018fe623f2b)
oCERT reports : The library is affected by a double-free vulnerability in function jasiccattrvaldestroy as well as a heap-based buffer overflow in function jp2decode. A specially crafted jp2 file can be used to trigger the vulnerabilities. oCERT reports : The library is affected by an off-by-one...
Network Time Protocol Private Mode 'reslist' Stack Memory Exhaustion Vulnerability
CERT VU357792 Summary An unauthenticated ntpdc reslist command can cause a segmentation fault in ntpd by exhausting the call stack. The following conditions must be met: 1. Mode 7 must be enabled. By default, mode 7 is disabled. 2. A large enough number of entries must be in the restrict lists to...