
195 matches found

RedHat Linux
added 2017/07/20 3:59 p.m., 3 views

OpenJDK: incorrect bracket processing in function signature handling (Hotspot, 8170966)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

4.3 CVSS, 7.4 AI score, 0.0222 EPSS
Exploits: 0, References: 4

Hacker One
added 2017/04/15 6:47 p.m., 11 views

LibSass: stack overflow #3 in libsass

./sassc test387 /dev/null triggers this stack overflow. ==9081==ERROR: AddressSanitizer: stack-overflow on address 0x7fffb48eadc0 pc 0x00000087a07b bp 0x7fffb48eba30 sp 0x7fffb48ead60 T0 0 0x87a07a in Sass::Parser::parsefactor /home/geeknik/libsass/src/parser.cpp:1379 1 0x878304 in...

6.9 AI score
Exploits: 0

OSV
added 2017/03/15 3:59 p.m., 1 view

DEBIAN-CVE-2016-10196

Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument...

7.5 CVSS, 8.4 AI score, 0.05208 EPSS
Exploits: 1, References: 1

OSV
added 2017/03/03 3:59 p.m., 2 views

DEBIAN-CVE-2017-5356

Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket...

7.5 CVSS, 6.7 AI score, 0.04779 EPSS
Exploits: 1, References: 1

OSV
added 2017/03/03 3:59 p.m., 2 views

ALPINE-CVE-2017-5356

Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket...

7.5 CVSS, 6.7 AI score, 0.04779 EPSS
Exploits: 1, References: 1

AlpineLinux
added 2017/03/03 3:0 p.m., 31 views

CVE-2017-5356

Irssi before 0.8.21 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a string containing a formatting sequence (%[) without a closing bracket...

7.5 CVSS, 7.3 AI score, 0.04779 EPSS
Exploits: 1

CNVD
added 2017/02/24 12:0 a.m., 3 views

PCRE 'compile_bracket_matchingpath()' Function Denial of Service Vulnerability

PCRE (Perl Compatible Regular Expressions) is an open source regular expression library written in C by software developer Philip Hazel. PCRE suffers from a denial of service vulnerability. An attacker could exploit this vulnerability to cause a denial of service or execute...

7.5 CVSS, 9.5 AI score, 0.04546 EPSS
Exploits: 0, References: 1

OSV
added 2017/02/16 11:59 a.m., 1 view

UBUNTU-CVE-2017-6004

The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression...

7.5 CVSS, 7.2 AI score, 0.04546 EPSS
Exploits: 0, References: 3

CNVD
added 2016/08/07 12:0 a.m., 1 view

Mozilla Firefox and Firefox ESR 'nsBidi::BracketData::AddOpening' function heap buffer overflow vulnerability

Mozilla Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A heap buffer overflow vulnerability exists in the 'nsBidi::BracketData::AddOpening' function in Mozilla Firefox and Firefox ESR, which allows remote attackers to construct a malicious web page that...

8.8 CVSS, 9.4 AI score, 0.04544 EPSS
Exploits: 0, References: 1

Kitploit
added 2016/01/12 10:2 p.m., 195 views

BSQLinjector - Blind SQL Injection Exploitation Tool

BSQLinjector uses a blind method to retrieve data from SQL databases. I recommend using the "--test" switch to clearly see what the configured payload looks like before sending it to an application. Options: --file Mandatory - File containing valid HTTP request and SQL injection point SQLINJECT...

10 AI score
Exploits: 0, References: 1

RedHat Linux
added 2009/10/14 3:36 p.m., 1 view

acroread: Multiple DoS fixes in 8.1.7 (APSB09-15)

Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of open...

5 CVSS, 5.9 AI score, 0.21432 EPSS
Exploits: 2, References: 4

Cvelist
added 2005/08/16 4:0 a.m., 24 views

CVE-2005-2568

Eval injection vulnerability in the template engine for SysCP 1.2.10 and earlier allows remote attackers to execute arbitrary PHP code via a string containing the code within "{" and "}" (curly bracket) characters, which are processed by the PHP eval function...

7.7 AI score, 0.01572 EPSS
Exploits: 0, References: 3

Exploit DB
added 2005/02/25 12:0 a.m., 15 views

Gaim 1.1.3 - File Download Denial of Service

source: https://www.securityfocus.com/bid/12667/info Gaim is affected by a denial of service vulnerability during the download of a file. This issue can allow remote attackers to cause an affected client to fail. A vulnerability in the client arises when it tries to download a file with bracket...

7.4 AI score
Exploits: 0

RedHat Linux
added 2004/12/21 6:52 p.m., 2 views

security flaw

php_variables.c in PHP before 5.0.2 allows remote attackers to read sensitive memory contents via (1) GET, (2) POST, or (3) COOKIE GPC variables that end in an open bracket character, which causes PHP to calculate an incorrect string length...

5 CVSS, 5.9 AI score, 0.0973 EPSS
Exploits: 0, References: 4

securityvulns
added 2003/03/04 12:0 a.m., 33 views

[LSD] Technical analysis of the remote sendmail vulnerability

Hello, We have done some brief analysis of the potential remote Sendmail vulnerability that has been reported lately. Below you can read about our findings with regard to this issue. We reserve the right not to be correct in whatever we write below. This is mainly due to the fact that we did not...

7.7 AI score
Exploits: 0