EUVD-2008-5594

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-15602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading ...

SUSE CVE-2018-18650

An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service Integer Overflow via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...

CVE-2020-24863

A memory corruption vulnerability was found in the kernel function kerngetfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger an invalid free and crash the system via a crafted size value in conjunction with an invalid mode...

CVE-2020-24863

The CVE-2020-24863 vulnerability is a kernel memory corruption in kern_getfsstat affecting MidnightBSD prior to 1.2.7 and 1.3 up to 2020-08-19, and FreeBSD up to 11.4. A crafted size value combined with an invalid mode can trigger an invalid free, leading to a system crash. The connected document...

CVE-2019-19383

freeFTPd 1.0.8 has a Post-Authentication Buffer Overflow via a crafted SIZE command this is exploitable even if logging is disabled...

Xpdf Denial of Service Vulnerability (CNVD-2019-17487)

Xpdf is a free PDF viewer and toolkit that includes a text extractor, image converter, HTML converter and more. A denial of service vulnerability exists in XRef::readXRefStream in XRef.cc in Xpdf 4.00. An attacker can exploit this vulnerability to cause a denial of service integer overflow via a...

UBUNTU-CVE-2018-18650

An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service Integer Overflow via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...

CVE-2018-18650

An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service Integer Overflow via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...

CVE-2017-15602

In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading to an infinite loop for a crafted size...

CVE-2017-15602

In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading to an infinite loop for a crafted size...

CVE-2017-15602

In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading to an infinite loop for a crafted size...

CVE-2017-15602

In GNU Libextractor 1.4, there is an integer signedness error for the chunk size in the EXTRACTORnsfeextractmethod function in plugins/nsfeextractor.c, leading to an infinite loop for a crafted size...

DEBIAN-CVE-2017-5576

Integer overflow in the vc4getbcl function in drivers/gpu/drm/vc4/vc4gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted size value in a VC4SUBMITCL ioctl call...

CVE-2014-9795

app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices does not properly check for an integer overflow, which allows attackers to bypass intended access restrictions via crafted start and size values, aka Android internal bug 28820720 and Qualcomm internal bu...

Buffer overflow

Buffer overflow in the Tiny SRP library aka TinySRP allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted size value for the username field...

Out-of-bounds

mbae.sys in Malwarebytes Anti-Exploit before 1.05.1.2014 allows local users to cause a denial of service crash via a crafted size in an unspecified IOCTL call, which triggers an out-of-bounds read. NOTE: some of these details are obtained from third party information...

CVE-2011-4789

Stack-based buffer overflow in magentservice.exe in the server in HP LoadRunner 11.00 before patch 4 allows remote attackers to execute arbitrary code via a crafted size value in a packet. NOTE: it was originally reported that the affected product is HP Diagnostics Server, but HP states that "the...

CVE-2011-1417

Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a Microsoft Office document with a...

Integer overflow

Integer overflow in QuickLook, as used in Apple Mac OS X before 10.6.7 and MobileSafari in Apple iOS before 4.2.7 and 4.3.x before 4.3.2, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a Microsoft Office document with a...