BIND -- multiple vulnerabilities

ISC reports: A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other...

CVE-2017-7605

aacplusenc.c in HE-AAC+ Codec aka libaacplus 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file...

Design/Logic Flaw

aacplusenc.c in HE-AAC+ Codec aka libaacplus 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file...

CVE-2017-7605

aacplusenc.c in HE-AAC+ Codec aka libaacplus 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file...

CVE-2017-7605

aacplusenc.c in HE-AAC+ Codec aka libaacplus 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file...

CVE-2017-7605

CVE-2017-7605 affects HE-AAC+ Codec (libaacplus) 2.0.2, with an assertion failure in aacplusenc.c that could allow a crafted audio file to cause a denial of service (application crash). Connected sources confirm the same issue and note related 7603/7604 variants exist in the same library. No publ...

NetIQ Access Manager Information Disclosure Vulnerability

NetIQ Access Manager provides a simple, secure, and scalable solution to handle all Web access needs. The SAML2 implementation of the Identity Server in NetIQ Access Manager fails to properly handle unsigned SAML requests, allowing an attacker to disclose the results to a potentially malicious...

shopify-scripts: SIGABRT in mrb_debug_info_append_file

PoC ------------------- The following code triggers the bug attached as testmrbdebuginfoappendfile.rb: i""do"".+end mirb ------------------- x@x:/Desktop/test/mruby/bin$ ./mirb testmrbdebuginfoappendfile.rb mirb - Embeddable Interactive Ruby Shell mirb: /home/x/Desktop/test/mruby/src/debug.c:136:...

shopify-scripts: Garbage collector crash

This github issue-tt != MRBTTFREE' failed. Aborted The issue was reintroduced in ecee8c51b0ad8cddd9e422a3e5105f902d7e2781 and is still present in 051e40c0493f2de332f5439e3230c9fe6958bf1a. The issue is fixed by reverting ecee8c51b0ad8cddd9e422a3e5105f902d7e2781. Thank you, Dinko Galetic Denis Kasa...

CVE-2016-9399

The calcstepsizes function in jpcdec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...

CVE-2016-9398

The jpcfloorlog2 function in jpcmath.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...

Code injection

The jasseq2dcreate function in jasseq.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via a crafted file...

Design/Logic Flaw

The rasgetcmap function in rasdec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service assertion failure via a crafted image file...

Code injection

The jasseq2dcreate function in jasseq.c in JasPer before 1.900.25 allows remote attackers to cause a denial of service assertion failure via a crafted file...

Integer overflow

The jpcbitstreamgetbits function in jpcbs.c in JasPer before 2.0.10 allows remote attackers to cause a denial of service assertion failure via a very large integer...

Design/Logic Flaw

The jpcirct and jpciict functions in jpcmct.c in JasPer before 1.900.14 allow remote attackers to cause a denial of service assertion failure...

CVE-2016-9397

The jpcdequantize function in jpcdec.c in JasPer 1.900.13 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...

CVE-2016-9390

The jasseq2dcreate function in jasseq.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service assertion failure via a crafted image file...

CVE-2016-9388

The rasgetcmap function in rasdec.c in JasPer before 1.900.14 allows remote attackers to cause a denial of service assertion failure via a crafted image file...

CVE-2016-9392

The calcstepsizes function in jpcdec.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via a crafted file...