Squid Software Foundation Squid HTTP Caching Proxy Denial of Service Vulnerability (CNVD-2018-05766 )

Squid Software Foundation Squid HTTP Caching Proxy is an open source HTTP caching proxy software . A security vulnerability exists in the handling of HTTP Response X-Forwarded-For packet headers in versions of Squid Software Foundation Squid HTTP Caching Proxy prior to 4.0.23. An attacker could...

Intel Graphics Driver Local Elevation of Privilege Vulnerability

Intel Graphics Driver is an integrated graphics driver developed by Intel Corporation USA. A security vulnerability exists in a pointer backreference to a subsystem in Intel Graphics Driver versions 15.40.x.x, 15.45.x.x, and 15.46.x.x. The vulnerability can be exploited with local access rights t...

ClamAV Null Pointer Dereference Vulnerability

ClamAV AntiVirus software is a free and open source antivirus software developed by ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. A security vulnerability exists in ClamAV AntiVirus software that stems from the program's use of an incorrect inp...

Irssi null pointer dereference vulnerability (CNVD-2018-03170)

Irssi is a free, open source IRC client for use in Linux and Unix operating systems. A security vulnerability exists in versions of Irssi prior to 1.0.6. An attacker can exploit this vulnerability to affect the stability of Irssi null pointer backreference...

ImageMagick MagickCore Component Denial of Service Vulnerability

ImageMagick is a set of open source image processing software from the U.S. company ImageMagick Studio. The software can read, convert, write pictures in a variety of formats.MagickCore component is one of the core components. A denial of service vulnerability exists in the MagickCore component o...

K7 Antivirus K7Sentry.sys Denial of Service Vulnerability (CNVD-2018-01082)

K7 Antivirus is a suite of anti-virus software from the Indian company K7 Computing.K7Sentry.sys is one of the kernel-mode drivers used in K7 Computing's security products. A security vulnerability exists in K7 Antivirus version 15.1.0309 in K7Sentry.sys version 15.1.0.59. An attacker can exploit...

Tor Denial of Service Vulnerability (CNVD-2017-38231)

Tor The Onion Router is a second-generation implementation of onion routing, primarily used for anonymous access to the Internet. Tor suffers from a denial of service vulnerability. A remote attacker could exploit this vulnerability to cause a denial of service null pointer backreference and...

Linux kernel denial of service vulnerability (CNVD-2017-36476)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A denial of service vulnerability exists in the 'rngapireset' function of the crypto/rng.c file in versions of Linux kernel prior to 4.2. An attacker exploits this...

libbpg VideoLAN x265 Denial of Service Vulnerability

libbpg is a new image format library. videoLAN x265 is one of the H.265 video format libraries. A denial of service vulnerability exists in the 'CUData::initialize' function in the common/cudata.cpp file of VideoLAN x265 in libbpg version 0.9.7 and other products, which stems from the program...

libbpg Integer Overflow Vulnerability

libbpg is a new type of image format library. An integer overflow vulnerability exists in the 'imagealloc' function of the bpgenc.c file in libbpg version 0.9.7. An attacker can exploit this vulnerability to cause a denial of service invalid dynamic memory allocation and null pointer backreferenc...

SWFTools Denial of Service Vulnerability (CNVD-2017-37437)

SWFTools is a utility toolset for working with Adobe Flash files SWF files. A security vulnerability exists in the 'wavconvert2mono' function in the lib/wav.c file in SWFTools version 0.9.2, which stems from the program's failure to properly restrict multiplication in malloc calls. The...

tcmu-runner null pointer backreference vulnerability

tcmu-runner is a daemon for handling user space for LIO TCM user backend storage. A security vulnerability exists in the 'onunregisterhandler' function in tcmu-runner versions 1.0.5 through 1.2.0. An attacker can exploit the vulnerability to cause a denial of service null pointer backreference...

Symantec Endpoint Encryption Denial of Service Vulnerability (CNVD-2017-36540)

Symantec Endpoint Encryption SEE is a suite of software from Symantec Corporation that provides advanced encryption and management capabilities for desktops, laptops, and removable storage devices. A security vulnerability exists in Symantec Endpoint Encryption in versions prior to SEE 11.1.3MP1...

mkvalidator 'Node_GetData' Function Denial of Service Vulnerability

mkvalidator is a command line tool from the Matroska team for verifying that Matroska and WebM files are canonical. A security vulnerability exists in the 'NodeGetData' function in the corec/corec/node/node.c file in mkvalidator version 0.5.1. A remote attacker can exploit this vulnerability to...

libebml2 'EBML_BufferToID' function denial of service vulnerability

libebml2 is an open source EBML parser written in C . A security vulnerability exists in the 'EBMLBufferToID' function in the ebmlelement.c file in libebml2 2012-08-26 and earlier versions. A remote attacker can exploit this vulnerability to cause a denial of service null pointer backreference an...

Cesanta Mongoose MQTT Denial of Service Vulnerability

Cesanta Mongoose is a suite of embedded servers from Cesanta, Ireland. A denial of service vulnerability exists in the MQTT packet parsing feature in Cesanta Mongoose version 6.8. An attacker can exploit this vulnerability to cause a denial of service null pointer backreference and server crash b...

Red Hat GlusterFS Denial of Service Vulnerability (CNVD-2017-32891)

Red Hat GlusterFS is an open source distributed file system from Red Hat. The system is a combination of different storage servers , these servers by the Ethernet or unlimited bandwidth technology Infiniband and remote direct memory access RDMA convergence , and ultimately the formation of a larg...

Google Android Denial of Service Vulnerability (CNVD-2017-35525)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. A security vulnerability exists in the cmds/servicemanager/servicemanager.c file in Google Android. An attacker can exploit this vulnerability to cause a denial of service null...

GNU Libextractor Null Pointer Backreference Vulnerability

GNU Libextractor is a set of libraries developed by the GNU Project for extracting metadata from files. A security vulnerability exists in the 'EXTRACTORnsfextractmethod' function in the plugins/nsfextractor.c file in GNU Libextractor version 1.4. An attacker can exploit this vulnerability to cau...

libcsoap nanohttp Denial of Service Vulnerability

libcsoap is a SOAP parsing and encapsulation code written in C. It contains simple HTTP server and client code. nanohttp is one of the HTTP servers. A denial of service vulnerability exists in nanohttp in libcsoap. A remote attacker can exploit this vulnerability to cause a denial of service null...