kernel: kvm: x86: NULL pointer dereference during instruction decode

Linux kernel built with the Kernel-based Virtual Machine CONFIGKVM support is vulnerable to a null pointer dereference flaw. It could occur on x86 platform, when emulating an undefined instruction. An attacker could use this flaw to crash the host kernel resulting in DoS...

kernel: kvm: x86: NULL pointer dereference during instruction decode

Linux kernel built with the Kernel-based Virtual Machine CONFIGKVM support is vulnerable to a null pointer dereference flaw. It could occur on x86 platform, when emulating an undefined instruction. An attacker could use this flaw to crash the host kernel resulting in DoS...

DEBIAN-CVE-2017-6009

An issue was discovered in icoutils 0.31.1. A buffer overflow was observed in the "decodeneresourceid" function in the "restable.c" source file. This is happening because the "len" parameter for memcpy is not checked for size and thus becomes a negative integer in the process, resulting in a fail...

Denial Of Service (DoS) From Out-of-bounds Heap Access

FFMpeg is vulnerable to denial of service DoS attacks and other attacks. These attacks are possible because the rawdecode function allows remote attackers to cause an out-of-bounds heap access. The attacks can be performed through a .cine file that triggers the avpicturegetsize to return a negati...

DEBIAN-CVE-2016-6920

Heap-based buffer overflow in the decodeblock function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service application crash via vectors involving tile positions...

ALPINE-CVE-2016-5321

The DumpModeDecode function in libtiff 4.0.6 and earlier allows attackers to cause a denial of service invalid read and crash via a crafted tiff image...

DEBIAN-CVE-2016-5317

Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack crash via a crafted TIFF file...

UBUNTU-CVE-2016-5317

Buffer overflow in the PixarLogDecode function in libtiff.so in the PixarLogDecode function in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack crash via a crafted TIFF file...

CVE-2015-1860 analysis: Qt module for processing GIFs cause a crash-bug warning-the black bar safety net

Vulnerability background Qt is a cross-platform graphical interface programming Framework, and its version is less than 4. 8. 7 and 5. x is less than 5. 4. 2 analytical picture of the process for cross-border inspections of improper handling, will result in the memcpy of the process occurs out of...

UBUNTU-CVE-2016-9807

The flxdecodechunks function in gst/flx/gstflxdec.c in GStreamer before 1.10.2 allows remote attackers to cause a denial of service invalid memory read and crash via a crafted FLIC file...

DEBIAN-CVE-2017-5209

The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data...

UBUNTU-CVE-2017-5209

The base64decode function in base64.c in libimobiledevice libplist through 1.12 allows attackers to obtain sensitive information from process memory or cause a denial of service buffer over-read via split encoded Apple Property List data...

PT-2016-7789 · Artifex +3 · Ghostscript +3

Name of the Vulnerable Software and Affected Versions: ghostscript versions prior to 9.21 Description: The issue is related to a heap-based buffer overflow found in the jbig2 decode gray scale image function, which is used for decoding halftone segments in JBIG2 images. A document, such as...

PYSEC-2016-39

An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...

PYSEC-2016-39

An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...

UBUNTU-CVE-2016-9037

An exploitable out-of-bounds array access vulnerability exists in the xrowheaderdecode function of Tarantool 1.7.2.0-g8e92715. A specially crafted packet can cause the function to access an element outside the bounds of a global array that is used to determine the type of the specified key's valu...

ALPINE-CVE-2016-7502

The cavsidct8addc function in libavcodec/cavsdsp.c in FFmpeg before 3.1.4 is vulnerable to reading out-of-bounds memory when decoding with cavsdecode...

DEBIAN-CVE-2016-6671

The rawdecode function in libavcodec/rawdec.c in FFmpeg before 3.1.2 allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a crafted SWF file...

ALPINE-CVE-2016-9854

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...

DEBIAN-CVE-2016-9854

An issue was discovered in phpMyAdmin. By calling some scripts that are part of phpMyAdmin in an unexpected way, it is possible to trigger phpMyAdmin to display a PHP error message which contains the full path of the directory where phpMyAdmin is installed. During an execution timeout in the expo...