K62210928: BIND vulnerability CVE-2020-8618

Security Advisory Description An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients. CVE-2020-8618 Impact There is no impact; F5 products are not...

K16108: BIND vulnerability CVE-2014-8680

Security Advisory Description The GeoIP functionality in ISC BIND 9.10.0 through 9.10.1 allows remote attackers to cause a denial of service assertion failure and named exit via vectors related to 1 the lack of GeoIP databases for both IPv4 and IPv6, or 2 IPv6 support with certain options...

K16718: libTIFF vulnerability CVE-2010-2596

Security Advisory Description The OJPEGPostDecode function in tifojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF image, related to "downsampled OJPEG input." CVE-2010-2596 Impact...

K52883417: BIND vulnerability CVE-2020-8620

Security Advisory Description In versions of BIND that use the libuv network manager 9.16.x is the only stable branch affected an incorrectly specified maximum buffer size allows a specially crafted large TCP payload to trigger an assertion failure when it is received. CVE-2020-8620 Impact There ...

Possible out-of-bounds read in release mode

Affected versions of this crate were using a debug assertion to validate the last parameter of partialsort. This would allow invalid inputs to cause an out-of-bounds read instead of immediately panicking, when compiled without debug assertions. All writes are bounds-checked, so the out-of-bounds...

RUSTSEC-2023-0016 Possible out-of-bounds read in release mode

Affected versions of this crate were using a debug assertion to validate the last parameter of partialsort. This would allow invalid inputs to cause an out-of-bounds read instead of immediately panicking, when compiled without debug assertions. All writes are bounds-checked, so the out-of-bounds...

CVE-2023-23781

A stack-based buffer overflow vulnerability CWE-121 in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted XML files...

SUSE CVE-2005-0007

Unknown vulnerability in the DLSw dissector in Ethereal 0.10.6 through 0.10.8 allows remote attackers to cause a denial of service application crash from assertion...

SUSE CVE-2005-1460

Multiple unknown dissectors in Ethereal before 0.10.11 allow remote attackers to cause a denial of service assert error via an invalid protocol tree item length...

SUSE CVE-2006-4574

Off-by-one error in the MIME Multipart dissector in Wireshark formerly Ethereal 0.10.1 through 0.99.3 allows remote attackers to cause a denial of service crash via certain vectors that trigger an assertion error related to unexpected length values...

SUSE CVE-2006-5779

OpenLDAP before 2.3.29 allows remote attackers to cause a denial of service daemon crash via LDAP BIND requests with long authcid names, which triggers an assertion failure...

SUSE CVE-2007-0494

ISC BIND 9.0.x, 9.1.x, 9.2.0 up to 9.2.7, 9.3.0 up to 9.3.3, 9.4.0a1 up to 9.4.0a6, 9.4.0b1 up to 9.4.0b4, 9.4.0rc1, and 9.5.0a1 Bind Forum only allows remote attackers to cause a denial of service exit via a type ANY DNS query response that contains multiple RRsets, which triggers an assertion...

SUSE CVE-2007-1560

The clientProcessRequest function in src/clientside.c in Squid 2.6 before 2.6.STABLE12 allows remote attackers to cause a denial of service daemon crash via crafted TRACE requests that trigger an assertion error...

SUSE CVE-2007-5448

Madwifi 0.9.3.2 and earlier allows remote attackers to cause a denial of service panic via a beacon frame with a large length value in the extended supported rates xrates element, which triggers an assertion error, related to net80211/ieee80211scanap.c and net80211/ieee80211scansta.c...

SUSE CVE-2007-5925

The convertsearchmodetoinnobase function in hainnodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service database crash via a certain CONTAINS operation on an indexed column, which triggers an assertion error...

SUSE CVE-2008-3834

The dbussignaturevalidate function in the D-bus library libdbus before 1.2.4 allows remote attackers to cause a denial of service application abort via a message containing a malformed signature, which triggers a failed assertion error...

SUSE CVE-2008-4514

The HTML parser in KDE Konqueror 3.5.9 allows remote attackers to cause a denial of service application crash via a font tag with a long color value, which triggers an assertion error...

SUSE CVE-2008-4682

wtap.c in Wireshark 0.99.7 through 1.0.3 allows remote attackers to cause a denial of service application abort via a malformed Tamos CommView capture file aka .ncf file with an "unknown/unexpected packet type" that triggers a failed assertion...

SUSE CVE-2008-5014

jslock.cpp in Mozilla Firefox 3.x before 3.0.2, Firefox 2.x before 2.0.0.18, Thunderbird 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by modifying the window.proto.proto object in a way that...

SUSE CVE-2008-5081

The originatesfromlocallegacyunicastsocket function avahi-core/server.c in avahi-daemon in Avahi before 0.6.24 allows remote attackers to cause a denial of service crash via a crafted mDNS packet with a source port of 0, which triggers an assertion failure...