CVE-2017-14954

The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection mechanism, via a crafted system call...

[SECURITY] Fedora 27 Update: python-jwt-1.5.3-1.fc27

A Python implementation of JSON Web Token draft 01. This library provides a means of representing signed content using JSON data structures, including claims to be transferred between two parties encoded as digitally signed and encrypted JSON objects...

DEBIAN-CVE-2017-12595

The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service stack consumption and segmentation fault or possibly have unspecified other impact via a PDF document with a deep data structure, as demonstrated by a crash ...

UBUNTU-CVE-2017-12595

The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service stack consumption and segmentation fault or possibly have unspecified other impact via a PDF document with a deep data structure, as demonstrated by a crash ...

The vulnerability of the i_zval_ptr_dtor function in the PHP interpreter allows a attacker to cause a service failure or exert other effects.

The vulnerability of the izvalptrdtor function in the PHP interpreter is related to an uncontrolled resource consumption. Exploiting this vulnerability may allow a malicious actor to cause service failures or other effects such as memory consumption or termination of the application by using...

PHP 7.0.x < 7.0.19 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 7.0.x prior to 7.0.19. It is, therefore, affected by the following vulnerabilities : - A memory allocation issue exists in the zendstringextend function in file Zend/zendstring.h when concatenating strings due to a...

Design/Logic Flaw

The izvalptrdtor function in Zend/zendvariables.h in PHP 7.1.5 allows attackers to cause a denial of service memory consumption and application crash or possibly have unspecified other impact by triggering crafted operations on array data structures...

CVE-2017-9119

The izvalptrdtor function in Zend/zendvariables.h in PHP 7.1.5 allows attackers to cause a denial of service memory consumption and application crash or possibly have unspecified other impact by triggering crafted operations on array data structures...

CVE-2017-9119

The izvalptrdtor function in Zend/zendvariables.h in PHP 7.1.5 allows attackers to cause a denial of service memory consumption and application crash or possibly have unspecified other impact by triggering crafted operations on array data structures...

UBUNTU-CVE-2017-9119

The izvalptrdtor function in Zend/zendvariables.h in PHP 7.1.5 allows attackers to cause a denial of service memory consumption and application crash or possibly have unspecified other impact by triggering crafted operations on array data structures...

CVE-2017-9119

The izvalptrdtor function in Zend/zendvariables.h in PHP 7.1.5 allows attackers to cause a denial of service memory consumption and application crash or possibly have unspecified other impact by triggering crafted operations on array data structures...

CVE-2017-9119

The izvalptrdtor function in Zend/zendvariables.h in PHP 7.1.5 allows attackers to cause a denial of service memory consumption and application crash or possibly have unspecified other impact by triggering crafted operations on array data structures...

CVE-2017-9119

Removed by vendor...

BSA-2017-246

Security Advisory ID : BSA-2017-246 Component : FOS Revision : 2.0: Final Thehashbufferfunction inschnorr.cinOpenSSHthrough 6.4, when Makefile.inc is modified to enable the J-PAKE protocol, does not initialize certain data structures, which might allow remote attackers to cause a denial of servic...

CVE-2007-6761

drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobufmapping data structures, which allows local users to trigger an incorrect count value and videobuf leak via unspecified vectors, a different vulnerability than CVE-2010-5321...

CVE-2015-4556

The string-translate procedure in the data-structures unit in CHICKEN before 4.10.0 allows remote attackers to cause a denial of service crash...

UBUNTU-CVE-2015-4556

The string-translate procedure in the data-structures unit in CHICKEN before 4.10.0 allows remote attackers to cause a denial of service crash...

DEBIAN-CVE-2015-4556

The string-translate procedure in the data-structures unit in CHICKEN before 4.10.0 allows remote attackers to cause a denial of service crash...

CVE-2015-4556

The string-translate procedure in the data-structures unit in CHICKEN before 4.10.0 allows remote attackers to cause a denial of service crash...

CVE-2015-4556

CVE-2015-4556 affects the CHICKEN Scheme implementation. The vulnerability lies in the string-translate* procedure in the data-structures unit and is exploitable in CHICKEN builds before version 4.10.0, allowing remote attackers to cause a denial of service (crash). Several sources (NVD, Debian s...