7041 matches found
CVE-2017-6498
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS...
UBUNTU-CVE-2017-6498
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS...
CVE-2017-5981
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...
CVE-2017-5981
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...
CVE-2017-5981
CVE-2017-5981 affects zziplib 0.13.62; the seeko.c path allows remote attackers to cause a denial of service (assertion failure and crash) via a crafted ZIP file. Upstream fixes/multi-distribution advisories indicate upgrading to 0.13.66+ (e.g., 0.13.66-2 in Arch, other vendors’ advisories) to mi...
CVE-2017-5981
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...
CVE-2017-5981
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...
CVE-2017-5981
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...
UBUNTU-CVE-2017-5981
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...
EulerOS 2.0 SP1 : bind (EulerOS-SA-2016-1052)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ISC BIND 9.x before 9.9.9-P2, 9.10.x before 9.10.4-P2, and 9.11.x before 9.11.0b2, when lwresd or the named lwres option is enabled, allows remote...
ISC BIND DNS64 and RPZ Denial of Service Vulnerability
ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...
CVE-2017-5986
Race condition in the sctpwaitforsndbuf function in net/sctp/socket.c in the Linux kernel before 4.9.11 allows local users to cause a denial of service assertion failure and panic via a multithreaded application that peels off an association in a certain buffer-full state...
DEBIAN-CVE-2016-9814
The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service memory consumption by leveraging...
UBUNTU-CVE-2016-9814
The validateSignature method in the SAML2\Utils class in SimpleSAMLphp before 1.14.10 and simplesamlphp/saml2 library before 1.9.1, 1.10.x before 1.10.3, and 2.x before 2.3.3 allows remote attackers to spoof SAML responses or possibly cause a denial of service memory consumption by leveraging...
CVE-2017-5981
seeko.c in zziplib 0.13.62 allows remote attackers to cause a denial of service assertion failure and crash via a crafted ZIP file...
bind: Assertion failure when using DNS64 and RPZ Can Lead to Crash
A denial of service flaw was found in the way BIND handled query responses when both DNS64 and RPZ were used. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure or a null pointer dereference via a specially crafted DNS response...
Fedora 24 : viewvc (2017-2bce6ed778)
Version 1.1.26 released 24-Jan-2017 - security fix: escape navdata name to avoid XSS attack Version 1.1.25 released 15-Sep-2016 - fix rev2optrev assertion on long input Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...
ISC BIND 9 DNS64 and RPZ Assertion Failure Denial of Service Vulnerability
ISC BIND is the United States Internet Systems Consortium ISC company maintains a set of open source software that implements the DNS protocol. ISC BIND 9 suffers from a DNS64 and RPZ Assertion Failure Denial of Service vulnerability. An attacker can exploit the vulnerability by rewriting the que...
High Severity BIND Vulnerability Can Lead to A Crash
The Internet Systems Consortium patched the BIND domain name system this week, addressing a remotely exploitable vulnerability it considers high severity and said could lead to a crash. The issue affects servers that use both the DNS64 and RPZ function simultaneously. DNS64 is a mechanism for...
Fedora 25 : viewvc (2017-bd3c3c957f)
Version 1.1.26 released 24-Jan-2017 - security fix: escape navdata name to avoid XSS attack Version 1.1.25 released 15-Sep-2016 - fix rev2optrev assertion on long input Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website...