
131 matches found

BDU FSTEC
added 2021/03/30 12:0 a.m. · 2 views

The vulnerability of the MuPDF PDF viewer program, related to an operation exceeding the allowed buffer data limits, allows a hacker to trigger a service failure.

The vulnerability of the MuPDF PDF viewer program is related to the execution of operations beyond the allowed buffer data limits. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

CVSS 6.5 · AI score 7 · EPSS 0.01019
Exploits 0 · References 7 · Affected Software 3

AlpineLinux
added 2021/03/25 7:15 p.m. · 22 views

CVE-2020-35502

A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash...

CVSS 7.8 · AI score 3.2 · EPSS 0.02355
Exploits 0

Debian CVE
added 2021/03/25 6:56 p.m. · 22 views

CVE-2020-35502

A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash...

CVSS 7.8 · AI score 7.5 · EPSS 0.02355
Exploits 0

BDU FSTEC
added 2021/03/21 12:0 a.m. · 3 views

The vulnerability of the `Exiv2::StringValueBase::read` function in the `value.cpp` library of the Exiv2 media metadata management library is related to the issue of allowing the operation to exit within acceptable buffer limits. This allows a malicious actor to cause a service failure.

The vulnerability of the Exiv2::StringValueBase::read function in the value.cpp library of the Exiv2 media metadata management library is related to incorrect memory address manipulation. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

CVSS 6.5 · AI score 6.6 · EPSS 0.01071
Exploits 1 · References 9 · Affected Software 5

BDU FSTEC
added 2021/03/15 12:0 a.m. · 4 views

The vulnerability in the read_textobject function of the read.c utility for converting .fig files in fig2dev allows a malicious actor to cause a service failure.

The vulnerability of the read_textobject function in the read.c utility for converting .fig files to fig2dev format is related to the execution of operations within acceptable buffer data limits. Exploiting this vulnerability could allow a remote attacker to cause service interruptions...

CVSS 6.5 · AI score 6.9 · EPSS 0.01069
Exploits 1 · References 5 · Affected Software 2

CNNVD
added 2021/02/08 12:0 a.m. · 6 views

Privoxy Security Vulnerability

Privoxy is a proxy server from the Privoxy team in the USA that does not cache web pages and comes with its own filtering features. It has advanced filtering features to enhance privacy, modify web data and HTTP headers, control access and remove advertisements and other annoying Internet...

CVSS 7.8 · AI score 7.2 · EPSS 0.02355
Exploits 0 · References 9

Veracode
added 2021/02/03 7:37 p.m. · 20 views

Denial Of Service (DoS)

Privoxy is vulnerable to denial of service (DoS). The vulnerability exists through memory leaks when a response is buffered and the buffer limit is reached...

CVSS 7.5 · AI score 2.7 · EPSS 0.02355
Exploits 0 · References 4 · Affected Software 1

BDU FSTEC
added 2021/02/02 12:0 a.m. · 3 views

The vulnerability relates to the implementation of the animatedPathSegList property in the SVG markup language used by browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird. This vulnerability allows attackers to trigger a service failure.

The vulnerability of the animatedPathSegList property implementation in SVG markup languages by Mozilla Firefox, Firefox ESR, and the Thunderbird email client is related to the execution of operations beyond the allowed buffer data limits. Exploiting this vulnerability could allow a malicious act...

CVSS 9.3 · AI score 7.8 · EPSS 0.08024
Exploits 0 · References 13 · Affected Software 8

Positive Technologies
added 2020/12/31 12:0 a.m. · 2 views

PT-2020-17339 · Privoxy +3

Name of the Vulnerable Software and Affected Versions: Privoxy versions prior to 3.0.29
Description: A flaw in Privoxy can cause memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory, leading to a system crash.
Recommendations: For versions...

CVSS 7.8 · AI score 7.7 · EPSS 0.02355
Exploits 0 · References 56

OSV
added 2020/12/31 12:0 a.m. · 0 views

UBUNTU-CVE-2020-35502

A flaw was found in Privoxy in versions before 3.0.29. Memory leaks when a response is buffered and the buffer limit is reached or Privoxy is running out of memory can lead to a system crash...

CVSS 7.5 · AI score 7.2 · EPSS 0.02355
Exploits 0 · References 6

BDU FSTEC
added 2020/08/19 12:0 a.m. · 2 views

The vulnerability of the stralloc_readyplus function in the netqmail client’s commands.c file allows a hacker to cause a service failure.

The vulnerability of the stralloc_readyplus function in the netqmail client’s commands.c file is related to the operation that checks whether the output values are within acceptable buffer data limits. Exploiting this vulnerability could allow a malicious actor to cause service failures...

CVSS 7.8 · AI score 7.4 · EPSS 0.06572
Exploits 2 · References 4 · Affected Software 2

RedHat Linux
added 2020/07/28 3:54 p.m. · 2 views

vertx: WebSocket HTTP upgrade implementation holds the entire http request in memory before the handshake

In versions from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full HTTP request before doing the handshake, holding the entire request body in memory. There should be a reasonable limit (8192 bytes) above which the WebSocket gets an HTTP response with the...

CVSS 6.5 · AI score 5.8 · EPSS 0.02652
Exploits 0 · References 4

BDU FSTEC
added 2020/04/10 12:0 a.m. · 5 views

The vulnerability of the exif_process_IFDTag function in the PHP programming language allows a perpetrator to gain unauthorized access to information or cause service failures.

The vulnerability of the exifprocessIFDTagName function in the PHP programming language is related to the execution of an operation that exceeds the permissible buffer data limits. Exploiting this vulnerability can allow a remote attacker to gain unauthorized access to information or cause servic...

CVSS 9.4 · AI score 7 · EPSS 0.04016
Exploits 0 · References 14 · Affected Software 6

CNVD
added 2019/12/17 12:0 a.m. · 2 views

Intel NUC Buffer Limit Error Vulnerability

The Intel NUC 8 Mainstream Game Kit, among others, is a small desktop computer from Intel Corporation USA. A buffer limit error vulnerability exists in the firmware of the Intel NUC, which arises from a program's failure to properly perform buffer limiting and can be exploited by a local attacker...

CVSS 7.8 · AI score 6.8 · EPSS 0.00337
Exploits 0 · References 1

OSV
added 2019/12/01 11:15 p.m. · 1 view

DEBIAN-CVE-2019-19481

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates...

CVSS 4.6 · AI score 6.2 · EPSS 0.00246
Exploits 0 · References 1

NVD
added 2019/12/01 11:15 p.m. · 17 views

CVE-2019-19481

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/card-cac1.c mishandles buffer limits for CAC certificates...

CVSS 4.6 · AI score 5.3 · EPSS 0.00246
Exploits 0 · References 4

CVE
added 2019/12/01 10:37 p.m. · 129 views

CVE-2019-19481

OpenSC vulnerability CVE-2019-19481: OpenSC up to 0.19.0 and 0.20.x through 0.20.0-rc3 mishandles buffer limits for CAC certificates in libopensc/card-cac1.c. The connected advisories (RHEL/SUSE/AlmaLinux/CentOS) confirm multiple distributions affected, with fixes expected in OpenSC 0.20.0 or new...

CVSS 4.6 · AI score 5.4 · EPSS 0.00246
Exploits 0 · References 4 · Affected Software 1

BDU FSTEC
added 2019/10/03 12:0 a.m. · 3 views

The vulnerabilities of Firefox and Firefox ESR browsers, as well as the Thunderbird email client, are related to an unacceptable grid size during QCMS transformations. This allows attackers to disclose protected information.

The vulnerability of Firefox and Firefox ESR browsers, as well as the Thunderbird email client, is related to an unacceptable grid size during QCMS transformations. Exploiting this vulnerability allows a malicious actor to disclose sensitive information obtained by reading beyond the buffer limit...

CVSS 7.1 · AI score 5.6 · EPSS 0.03158
Exploits 0 · References 15 · Affected Software 8

OSV
added 2018/10/18 12:46 p.m. · 5 views

SUSE-SU-2018:1765-2 Security update for ntp

This update for ntp fixes the following issues: - Update to 4.2.8p11 bsc1082210: CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. CVE-2018-7182: ctlgetitem: buffer read overrun...

CVSS 9.8 · AI score 8.1 · EPSS 0.2985
Exploits 6 · References 15

RedHat Linux
added 2018/10/18 8:14 a.m. · 2 views

vertx: WebSocket HTTP upgrade implementation holds the entire http request in memory before the handshake

In versions from 3.0.0 to 3.5.3 of Eclipse Vert.x, the WebSocket HTTP upgrade implementation buffers the full HTTP request before doing the handshake, holding the entire request body in memory. There should be a reasonable limit (8192 bytes) above which the WebSocket gets an HTTP response with the...

CVSS 6.5 · AI score 5.8 · EPSS 0.02652
Exploits 0 · References 4