DEBIAN-CVE-2018-1126

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc. leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124...

CVE-2018-1126

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc. leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124...

UBUNTU-CVE-2018-1126

procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc. leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124...

Linux Kernel rds_message_alloc_sgs() Local Denial of Service Vulnerability

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A local denial of service vulnerability exists in the 'rdsmessageallocsgs' parameter in Linux kernel 4.14.13 and earlier, which stems from a program's failure to...

DEBIAN-CVE-2017-11695

Heap-based buffer overflow in the allocsegs function in lib/dbm/src/hash.c in Mozilla Network Security Services NSS allows context-dependent attackers to have unspecified impact using a crafted cert8.db file...

CVE-2017-5114

Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file...

Memory corruption

Inappropriate use of partition alloc in PDFium in Google Chrome prior to 61.0.3163.79 for Linux, Windows, and Mac, and 61.0.3163.81 for Android, allowed a remote attacker to potentially exploit memory corruption via a crafted PDF file...

ALPINE-CVE-2017-14316

A parameter verification issue was discovered in Xen through 4.9.x. The function allocheappages allows callers to specify the first NUMA node that should be used for allocations through the memflags parameter; the node is extracted using the MEMFgetnode macro. While the function checks to see if...

UBUNTU-CVE-2017-14316

A parameter verification issue was discovered in Xen through 4.9.x. The function allocheappages allows callers to specify the first NUMA node that should be used for allocations through the memflags parameter; the node is extracted using the MEMFgetnode macro. While the function checks to see if...

ncurses denial of service vulnerability (CNVD-2017-25655)

ncurses new curses is a library of programs that provides APIs that allow programmers to write text-based user interfaces that are independent of the terminal. A denial of service vulnerability exists in the ncsavestr function in allocentry.c in Ncurses, which can be exploited by a remote attacke...

DEBIAN-CVE-2017-13729

There is an illegal address access in the ncsavestr function in allocentry.c in ncurses 6.0. It will lead to a remote denial of service attack...

DEBIAN-CVE-2017-7861

Google gRPC before 2017-02-22 has an out-of-bounds write related to the gprfree function in core/lib/support/alloc.c...

UBUNTU-CVE-2016-10253

An issue was discovered in Erlang/OTP 18.x. Erlang's generation of compiled regular expressions is vulnerable to a heap overflow. Regular expressions using a malformed extpattern can indirectly specify an offset that is used as an array index. This ordinal permits arbitrary regions within the...

DEBIAN-CVE-2016-10166

Integer underflow in the gdContributionsAlloc function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable...

spice: Buffer overflow in main_channel_alloc_msg_rcv_buf when reading large messages

A vulnerability was discovered in SPICE in the server's protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution...

UBUNTU-CVE-2016-10166

Integer underflow in the gdContributionsAlloc function in gdinterpolation.c in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via vectors related to decrementing the u variable...

kernel: Use after free in array_map_alloc

Use after free vulnerability was found in percpu using previously allocated memory in bpf. First allocpercpugfp is called, then the memory is freed with freepercpu which triggers async pcpubalancework and then pcpuextendareamap could use a chunk after it has been freed...

kernel: Use after free in array_map_alloc

Use after free vulnerability was found in percpu using previously allocated memory in bpf. First allocpercpugfp is called, then the memory is freed with freepercpu which triggers async pcpubalancework and then pcpuextendareamap could use a chunk after it has been freed...

PHP '_gdContributionsAlloc()' Function Integer Overflow Vulnerability

PHP is an open source general-purpose computer scripting language. An integer overflow vulnerability exists in the PHP 'gdContributionsAlloc' Function, which allows an attacker to execute arbitrary code within the context of an affected application. or a failed attack would result in a denial of...

CVE-2014-9789

The 1 alloc and 2 free APIs in arch/arm/mach-msm/qdsp6v2/msmaudioion.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices do not validate parameters, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28749392 and Qualcomm interna...