pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)

Heap-based buffer overflow in the findfixedlength function in pcrecompile.c in PCRE before 8.38 allows remote attackers to cause a denial of service crash or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an...

F5 Networks BIG-IP : NTP vulnerability (K17515)

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value. CVE-2015-7855 Impact A locally authenticated user may be able to disrupt ntpd...

CVE-2016-4049

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

CVE-2016-4049

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

Design/Logic Flaw

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

CVE-2016-4049

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

CVE-2016-4049

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

UBUNTU-CVE-2016-4049

The bgpdumproutesfunc function in bgpd/bgpdump.c in Quagga does not perform size checks when dumping data, which might allow remote attackers to cause a denial of service assertion failure and daemon crash via a large BGP packet...

ISC BIND DNS Cookie Assertion Failure Denial of Service (CVE-2016-2088)

A denial-of-service vulnerability exists in ISC BIND9. The vulnerability is due to improperly processing DNS cookies. A remote attacker could exploit this vulnerabilities by sending a maliciously crafted DNS packet to a target BIND server...

CVE-2016-1660

Blink, as used in Google Chrome before 50.0.2661.94, mishandles assertions in the WTF::BitArray and WTF::doubleconversion::Vector classes, which allows remote attackers to cause a denial of service out-of-bounds write or possibly have unspecified other impact via a crafted web site...

CVE-2016-1660

Removed by vendor...

pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)

Heap-based buffer overflow in the findfixedlength function in pcrecompile.c in PCRE before 8.38 allows remote attackers to cause a denial of service crash or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an...

pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)

PCRE before 8.38 mishandles the /?=di?=?1|?=./ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...

Microsoft Office 3 6 5 platform SAML service vulnerability, unauthorized access to other users of the resource-vulnerability warning-the black bar safety net

! Recently, two security researchers, Klemen Bratec and Ioannis Kakavas, announced they found one in Microsoft Office 3 6 5 platform on the SAML service vulnerability that can be exploited to perform cross-domain authentication bypass, and eventually to 3 6 5 on the platform of the all the Federa...

Wireshark - alloc_address_wmem Assertion Failure

Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=804 The following crash due to an asserion failure can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr...

Wireshark - alloc_address_wmem Assertion Failure

Wireshark - allocaddresswmem Assertion Failure Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=804 The following crash due to an asserion failure can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr...

Wireshark - alloc_address_wmem Assertion Failure

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=804 The following crash due to an asserion failure can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": --- cut ---...

AIX 6.1 TL 9 : bind (IV81279) (deprecated)

ISC BIND is vulnerable to a denial of service, caused by improper bounds checking in apl42.c. By sending specially crafted Address Prefix List APL data, a remote authenticated attacker could exploit this vulnerability to trigger an INSIST assertion failure and cause the named process to terminate...

DNS BIND server vulnerability, allowing attackers to cause service failures

The vulnerability of the DNS BIND server component exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause a service failure—the appearance of an “Assertion Failure” error, and the termination of the daemon—by using a specially crafted...

DNS BIND server vulnerability, allowing attackers to cause service failures

The vulnerability of the BIND DNS server component exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service failures—such as the appearance of an “Assertion Failure” error and the termination of the daemon—by using a specially...