4 matches found
USN-7571-1 c3p0 vulnerability
Aaron Massey discovered that c3p0 could be made to crash when parsing certain input. An attacker able to modify the application’s XML configuration file could possibly use this issue to cause a denial of service...
SUSE CVE-2025-31115
XZ Utils provide a general-purpose data-compression library plus command-line tools. In XZ Utils 5.3.3alpha to 5.8.0, the multithreaded .xz decoder in liblzma has a bug where invalid input can at least result in a crash. The effects include heap use after free and writing to an address based on t...
UBUNTU-CVE-2018-9989
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in sslparseserverpskhint that could cause a crash on invalid input...
PT-2018-19152
Name of the Vulnerable Software and Affected Versions mbed TLS versions prior to 2.1.11 mbed TLS versions prior to 2.7.2 mbed TLS versions prior to 2.8.0 Description The issue is related to a buffer over-read in the ssl parse server psk hint function, which could cause a crash when handling inval...