7041 matches found
CVE-2016-7540
coders/rgf.c in ImageMagick before 6.9.4-10 allows remote attackers to cause a denial of service assertion failure by converting an image to rgf format...
Medium: GraphicsMagick
Issue Overview: The QuantumTransferMode function in coders/tiff.c in GraphicsMagick 1.3.25 and earlier allows remote attackers to cause a denial of service out-of-bounds read and application crash via a small samples per pixel value in a CMYKA TIFF file.CVE-2017-6335 The WPG format reader in...
Important: Red Hat Security Advisory: bind security update
An update for bind is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
CVE-2017-3138
A denial of service flaw was found in the way BIND processed control channel commands. A remote attacker with access to the BIND control channel could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted command...
CVE-2017-3136
A denial of service flaw was found in the way BIND handled query requests when using DNS64 with "break-dnssec yes" option. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request. Mitigation Servers which have...
The vulnerability of the OpenBSD operating system, which allows a hacker to trigger a service failure
The vulnerability of the OpenBSD operating system is related to errors in number processing. Exploiting this vulnerability allows a malicious actor, operating locally, to cause a service failure—i.e., the appearance of a “Assertion failure” window and a kernel error. This occurs by using a large...
SUSE SLED12 / SLES12 Security Update : bind (SUSE-SU-2017:0998-1)
This update for bind fixes the following issues: CVE-2017-3137 bsc1033467: Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could have been exploited to cause a denial of service of a bind server performing recursion...
FreeBSD : BIND -- multiple vulnerabilities (c6861494-1ffb-11e7-934d-d05099c0ae8c)
ISC reports : A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other...
UBUNTU-CVE-2017-3137
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND...
CVE-2017-3137
Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could lead to a situation in which named would exit with an assertion failure when processing a response in which records occurred in an unusual order. Affects BIND...
BIND -- multiple vulnerabilities
ISC reports: A query with a specific set of characteristics could cause a server using DNS64 to encounter an assertion failure and terminate. An attacker could deliberately construct a query, enabling denial-of-service against a server if it was configured to use the DNS64 feature and other...
CVE-2017-7605
aacplusenc.c in HE-AAC+ Codec aka libaacplus 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file...
CVE-2017-7605
aacplusenc.c in HE-AAC+ Codec aka libaacplus 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file...
Design/Logic Flaw
aacplusenc.c in HE-AAC+ Codec aka libaacplus 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file...
CVE-2017-7605
CVE-2017-7605 affects HE-AAC+ Codec (libaacplus) 2.0.2, with an assertion failure in aacplusenc.c that could allow a crafted audio file to cause a denial of service (application crash). Connected sources confirm the same issue and note related 7603/7604 variants exist in the same library. No publ...
CVE-2017-7605
aacplusenc.c in HE-AAC+ Codec aka libaacplus 2.0.2 has an assertion failure, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file...
NetIQ Access Manager Information Disclosure Vulnerability
NetIQ Access Manager provides a simple, secure, and scalable solution to handle all Web access needs. The SAML2 implementation of the Identity Server in NetIQ Access Manager fails to properly handle unsigned SAML requests, allowing an attacker to disclose the results to a potentially malicious...
shopify-scripts: SIGABRT in mrb_debug_info_append_file
PoC ------------------- The following code triggers the bug attached as testmrbdebuginfoappendfile.rb: i""do"".+end mirb ------------------- x@x:/Desktop/test/mruby/bin$ ./mirb testmrbdebuginfoappendfile.rb mirb - Embeddable Interactive Ruby Shell mirb: /home/x/Desktop/test/mruby/src/debug.c:136:...
shopify-scripts: Garbage collector crash
This github issue-tt != MRBTTFREE' failed. Aborted The issue was reintroduced in ecee8c51b0ad8cddd9e422a3e5105f902d7e2781 and is still present in 051e40c0493f2de332f5439e3230c9fe6958bf1a. The issue is fixed by reverting ecee8c51b0ad8cddd9e422a3e5105f902d7e2781. Thank you, Dinko Galetic Denis Kasa...
CVE-2016-9399
The calcstepsizes function in jpcdec.c in JasPer 1.900.22 allows remote attackers to cause a denial of service assertion failure via unspecified vectors...