686 matches found
UBUNTU-CVE-2015-1252
common/partialcircularbuffer.cc in Google Chrome before 43.0.2357.65 does not properly handle wraps, which allows remote attackers to bypass a sandbox protection mechanism or cause a denial of service out-of-bounds write via vectors that trigger a write operation with a large amount of data,...
CVE-2015-1252
Removed by vendor...
[SECURITY] Fedora 19 Update: xstream-1.3.1-5.1.fc19
XStream is a simple library to serialize objects to XML and back again. A high level facade is supplied that simplifies common use cases. Custom objects can be serialized without need for specifying mappings. Speed and low memory footprint are a crucial part of the design, making it suitable for...
OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...
Fedora Update for nodejs-json-stringify-safe FEDORA-2013-11780
Check for the Version of nodejs-json-stringify-safe OpenVAS Vulnerability Test Fedora Update for nodejs-json-stringify-safe FEDORA-2013-11780 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
[SECURITY] Fedora 18 Update: nodejs-json-stringify-safe-5.0.0-1.fc18
This module provides functionality similar to JavaScript's JSON.stringify, but it doesn't blow up when it encounters circular references...
OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...
OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...
OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...
OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...
OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...
OpenJDK: ObjectStreamClass circular reference denial of service (Serialization, 8000638)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...
CVE-2013-2450
CVE-2013-2450 is an unspecified vulnerability in the Java Runtime Environment (JRE) Serialization path reported in MiracleLinux AXSA-2013-553:03. The MiracleLinux advisory indicates affected: MiracleLinux 3 with java-1.6.0-openjdk (OpenJDK 7/6 family as referenced) and lists CVE-2013-1500 through...
CVE-2013-2450
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect availability via unknown vectors related to Serialization. NOTE: the previous...
DEBIAN-CVE-2012-3375
The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local users to cause a denial of service file-descriptor consumption and system crash via a crafted application that attempts to create a...
kernel: epoll: can leak file descriptors when returning -ELOOP
The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local users to cause a denial of service file-descriptor consumption and system crash via a crafted application that attempts to create a...
kernel: epoll: can leak file descriptors when returning -ELOOP
The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local users to cause a denial of service file-descriptor consumption and system crash via a crafted application that attempts to create a...
PT-2012-1190 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.2.24 Description: The epoll ctl system call in fs/eventpoll.c does not properly handle ELOOP errors in EPOLL CTL ADD operations, allowing local users to cause a denial of service file-descriptor consumption an...
UBUNTU-CVE-2012-3375
The epollctl system call in fs/eventpoll.c in the Linux kernel before 3.2.24 does not properly handle ELOOP errors in EPOLLCTLADD operations, which allows local users to cause a denial of service file-descriptor consumption and system crash via a crafted application that attempts to create a...
kernel: potential kernel deadlock when creating circular epoll file structures
fs/eventpoll.c in the Linux kernel before 2.6.38 places epoll file descriptors within other epoll data structures without properly checking for 1 closed loops or 2 deep chains, which allows local users to cause a denial of service deadlock or stack memory consumption via a crafted application tha...