28 matches found
ALPINE-CVE-2021-28687
HVM soft-reset crashes toolstack libxl requires all data structures passed across its public interface to be initialized before use and disposed of afterwards by calling a specific set of functions. Many internal data structures also require this initialize / dispose discipline, but not all of...
UBUNTU-CVE-2020-6097
An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.7.git20120829-3.1+b1. A specially crafted sequence of RRQ-Multicast requests trigger an assert call resulting in denial-of-service. An attacker can send a sequence of malicious packets to trigger...
dovecot security update
1:2.2.36-6.1 - fix CVE-2020-12100 resource exhaustion via deeply nested MIME parts 1871841 - fix CVE-2020-12673 out of bound reads in dovecot NTLM implementation 1871843 - fix CVE-2020-12674 crash due to assert in RPA implementation 1871842...
FreeBSD : mail/dovecot -- multiple vulnerabilities (87a07de1-e55e-4d51-bb64-8d117829a26a)
Aki Tuomi reports : Parsing mails with a large number of MIME parts could have resulted in excessive CPU usage or a crash due to running out of stack memory.. Dovecot's NTLM implementation does not correctly check message buffer size, which leads to reading past allocation which can lead to crash...
CVE-2018-1000037
CVE-2018-1000037 affects MuPDF up to 1.12.0 and earlier, where multiple reachable assertions in MuPDF’s PDF parser can be exploited to cause a denial of service (assert crash) via a crafted file. The issue is tied to the PDF parser’s handling of crafted input, enabling a local impact when process...
CVE-2018-1000037
In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service assert crash via a crafted file...
Fedora 25 : 1:dovecot (2016-daf90926d4)
Fixed crash in auth process when auth-policy was configured and authentication was aborted/failed without a username set. - director: If two users had different tags but the same hash, the users may have been redirected to the wrong tag's hosts. - Index files may have been thought incorrectly...
Moderate: Red Hat Security Advisory: openldap security and bug fix update
Updated openldap packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...