Memcached Server Append/Prepend Remote Code Execution Vulnerability

Summary An integer overflow in the processbinappendprepend function which is responsible for processing multiple commands of Memcached binary protocol can be abused to cause heap overflow and lead to remote code execution. Tested Versions Memcached 1.4.31 Product URLs https://memcached.org/ CVSSv...

PHP 7.0 - 'AppendIterator::append' Local Denial of Service

Exploit for php platform in category dos / poc append$tmp; // Crash ? 0day.today 2017-12-31...

Easy FTP Server APPE Remote Code Execution Vulnerability

Easy FTP Server is a free green software that does not require installation and is prohibited for commercial use Supports multiple users, multiple permissions, multiple directories, supports web access, supports Windows system service mode. Easy FTP Server has a security vulnerability. Due to the...

The vulnerability of the Dovecot mail server, which allows a remote attacker to cause a service failure

The Dovecot software contains a bug in the implementation of the IMAP protocol /imap/cmd-append.c. A malicious actor can cause a service failure by using a specially crafted network packet with an incorrectly set “APPEND” parameter, thereby causing the software to enter an infinite loop...

PT-2016-4060 · Libarchive +2 · Libarchive +2

Name of the Vulnerable Software and Affected Versions: libarchive versions prior to 3.2.0 Description: The issue allows remote attackers to cause a denial of service crash via crafted cab files. This is related to "overlapping memcpy" in the archive string append function in archive string.c...

kernel security and bug fix update

3.10.0-327.18.2.OL7 - Oracle Linux certificates Alexey Petrenko 3.10.0-327.18.2 - lib keys: Fix ASN.1 indefinite length object parsing David Howells 1308814 1308815 CVE-2016-0758 3.10.0-327.18.1 - scsi bnx2fc: Fix FCP RSP residual parsing Maurizio Lombardi 1322279 1306342 - mm madvise: fix...

UBUNTU-CVE-2016-1634

Use-after-free vulnerability in the StyleResolver::appendCSSStyleSheet function in WebKit/Source/core/css/resolver/StyleResolver.cpp in Blink, as used in Google Chrome before 49.0.2623.75, allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted...

UBUNTU-CVE-2016-2569

Squid 3.x before 3.5.15 and 4.x before 4.0.7 does not properly append data to String objects, which allows remote servers to cause a denial of service assertion failure and daemon exit via a long string, as demonstrated by a crafted HTTP Vary header...

CVE-2010-2537

The btrfsioctlclone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a 1 BTRFSIOCCLONE or 2 BTRFSIOCCLONERANGE ioctl call that specifies this file as a donor...

The vulnerability of the Thunderbird email client, which allows a hacker to trigger a service failure

The vulnerability of the nsXMLHttpRequest::AppendToResponseText method in the Thunderbird email client is caused by an overflow in the buffer in the dynamic memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

Memory corruption

The ArrayBufferBuilder::append function in Mozilla Firefox before 39.0, Firefox ESR 31.x before 31.8 and 38.x before 38.1, and Thunderbird before 38.1 accesses unintended memory locations, which has unspecified impact and attack vectors...

Mozilla Firefox/Firefox ESR/Thunderbird ArrayBufferBuilder::append Function Information Disclosure Vulnerability

Mozilla Firefox/Thunderbird is a web browser/email client released by Mozilla. An information disclosure vulnerability exists in the Mozilla Firefox/Firefox ESR/Thunderbird ArrayBufferBuilder::append function, which can be exploited by a remote attacker to access arbitrary memory locations...

tipask注入漏洞

简要描述： sql注入漏洞（2次注入） 详细说明： 官方最新源码测试 在control中answer.php中 追问模块---追问 / function onappend $this-load"message"; $qid = intval$this-get2 ? $this-get2 : intval$this-post'qid'; $aid = intval$this-get3 ? $this-get3 : intval$this-post'aid'; $question = $ENV'question'-get$qid; $answer = $ENV'answer'-get$aid...

Venafi to Launch Certificate Transparency Log

Three weeks after the first non-Google public log for Certificate Transparency was launched by DigiCert, officials at Venafi said that the company plans to debut its own public CT log. On Jan. 1 Google approved the use of DigiCert’s log, the first CT log that is independent and not operated by...

PT-2023-25556 · Monetdb +1 · Monetdb Server +1

Name of the Vulnerable Software and Affected Versions: MonetDB Server versions 11.45.17 through 11.46.0 Description: The issue in the list append component allows attackers to cause a Denial of Service DoS via crafted SQL statements. Recommendations: For versions 11.45.17 and 11.46.0, update to a...

DEBIAN-CVE-2015-0563

epan/dissectors/packet-smtp.c in the SMTP dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 uses an incorrect length value for certain string-append operations, which allows remote attackers to cause a denial of service application crash via a crafted packet...

CVE-2013-2111

The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via invalid APPEND parameters...

CVE-2013-2111

The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via invalid APPEND parameters...

CVE-2013-2111

The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via invalid APPEND parameters...

Design/Logic Flaw

The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via invalid APPEND parameters...