7041 matches found
CVE-2016-1660
Removed by vendor...
pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)
Heap-based buffer overflow in the findfixedlength function in pcrecompile.c in PCRE before 8.38 allows remote attackers to cause a denial of service crash or obtain sensitive information from heap memory and possibly bypass the ASLR protection mechanism via a crafted regular expression with an...
pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)
PCRE before 8.38 mishandles the /?=di?=?1|?=./ pattern and related patterns with an unmatched closing parenthesis, which allows remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted regular expression, as demonstrated by a JavaScript...
Microsoft Office 3 6 5 platform SAML service vulnerability, unauthorized access to other users of the resource-vulnerability warning-the black bar safety net
! Recently, two security researchers, Klemen Bratec and Ioannis Kakavas, announced they found one in Microsoft Office 3 6 5 platform on the SAML service vulnerability that can be exploited to perform cross-domain authentication bypass, and eventually to 3 6 5 on the platform of the all the Federa...
Wireshark - alloc_address_wmem Assertion Failure
Wireshark - allocaddresswmem Assertion Failure Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=804 The following crash due to an asserion failure can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr...
Wireshark - alloc_address_wmem Assertion Failure
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=804 The following crash due to an asserion failure can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr...
Wireshark - alloc_address_wmem Assertion Failure
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=804 The following crash due to an asserion failure can be observed in an ASAN build of Wireshark current git master, by feeding a malformed file to tshark "$ ./tshark -nVxr /path/to/file": --- cut ---...
AIX 6.1 TL 9 : bind (IV81279) (deprecated)
ISC BIND is vulnerable to a denial of service, caused by improper bounds checking in apl42.c. By sending specially crafted Address Prefix List APL data, a remote authenticated attacker could exploit this vulnerability to trigger an INSIST assertion failure and cause the named process to terminate...
DNS BIND server vulnerability, allowing attackers to cause service failures
The vulnerability of the BIND DNS server component exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service failures—such as the appearance of an “Assertion Failure” error and the termination of the daemon—by using a specially...
DNS BIND server vulnerability, allowing attackers to cause service failures
The vulnerability of the DNS BIND server component exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause a service failure—the appearance of an “Assertion Failure” error, and the termination of the daemon—by using a specially crafted...
DNS BIND server vulnerability, allowing attackers to cause service failures
The vulnerability of the DNS BIND server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause service failures—such as the appearance of an error message “Assertion failure” or the termination of the daemon—by using a specially creat...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-431)
This update for java-170-openjdk fixes the following issues : java-170-openjdk was updated to 2.6.5 - OpenJDK 7u99 boo972468 - Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency - Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX...
The vulnerability of the Squid proxy server allows a hacker to cause a service failure.
The vulnerability of the Edge Side Includes parser of the Squid proxy server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause a service failure—such as the appearance of an error message “Assertion failure” or the termination of...
The vulnerability of the Squid proxy server allows a hacker to cause a service failure.
The vulnerability of the Squid proxy server exists due to the incorrect addition of information into String objects. Exploiting this vulnerability allows a remote attacker to cause a service failure—the appearance of an “Assertion failure” window, or the termination of the daemon. This occurs wit...
The vulnerability of the Squid proxy server allows a hacker to cause a service failure.
The vulnerability of the http.cc component in the Squid proxy server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to cause a service failure—such as the appearance of an “Assertion failure” message and the termination of the...
FreeBSD : bind -- denial of service vulnerability (cba246d2-f483-11e5-92ce-002590263bf5)
ISC reports : A problem parsing resource record signatures for DNAME resource records can lead to an assertion failure in resolver.c or db.c %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database :...
Updated iceape packages fix security vulnerability
Mozilla Firefox before 43.0 and Firefox ESR 38.x before 38.5 allow remote attackers to bypass the Same Origin Policy via data: and view-source: URIs. CVE-2015-7214 The WebExtension APIs in Mozilla Firefox before 43.0 allow remote attackers to gain privileges, and possibly obtain sensitive...
DSA-3522-1 squid3 - security update
Bulletin has no description...
SUSE-SU-2016:0825-1 Security update for bind
This update for bind fixes the following issues: Fix two assertion failures that can lead to a remote denial of service attack: CVE-2016-1285: An error when parsing signature records for DNAME can lead to named exiting due to an assertion failure. bsc970072 CVE-2016-1286: An error when parsing...
The vulnerability of Google Chrome browser allows a perpetrator to trigger a service failure or cause other effects.
The vulnerability in the WebKit/Source/core/layout/LayoutBlock.cpp function of the Google Chrome browser’s Blink kernel exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to cause a service failure the appearance of a “Assertion failure” window ...