CVE-2017-17439

In Heimdal through 7.4, remote unauthenticated attackers are able to crash the KDC by sending a crafted UDP packet containing empty data fields for client name or realm. The parser would unconditionally dereference NULL pointers in that case, leading to a segmentation fault. This is related to th...

kernel: Oops in shash_async_export()

A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shashasyncexport by attempting to force the in-kernel hashing algorithms into decrypting an empty data set...

kernel: Oops in shash_async_export()

A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shashasyncexport by attempting to force the in-kernel hashing algorithms into decrypting an empty data set...

kernel: Oops in shash_async_export()

A vulnerability was found in the Linux kernel. An unprivileged local user could trigger oops in shashasyncexport by attempting to force the in-kernel hashing algorithms into decrypting an empty data set...

DEBIAN-CVE-2016-5028

The printframeinstbytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via an object file with empty bss-like sections...

PYSEC-2011-2

The verifyexists functionality in the URLField implementation in Django before 1.2.7 and 1.3.x before 1.3.1 relies on Python libraries that attempt access to an arbitrary URL with no timeout, which allows remote attackers to cause a denial of service resource consumption via a URL associated with...

security flaw

servenotify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data...