11196 matches found
dbus DoS
Incorrect errors handling...
PT-2015-3447 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A flaw was found in the subsequent get user pages fast in the Linux kernel’s interface for symmetric key cipher algorithms in the skcipher recvmsg of crypto/algif skcipher.c function...
Adobe Flash Player Multiple Vulnerabilities-01 (Feb 2015) - Linux
Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayer";...
Adobe Flash Player Unspecified Vulnerability - 01 (Feb 2015) - Mac OS X
Adobe Flash Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:flashplayer";...
Apple Safari 'Webkit' Multiple Vulnerabilities -01 (Feb 2015) - Mac OS X
Apple Safari is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:safari"; ifdescription...
CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
DEBIAN-CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
Integer overflow
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
CVE-2014-9670
CVE-2014-9670 : In FreeType before 2.5.4, multiple integer signedness errors in the pcf_get_encodings function (pcf/pcfread.c) can be triggered by a crafted PCF file with negative values for the first column and first row, enabling a remote attacker to cause a denial of service via integer overfl...
UBUNTU-CVE-2015-0244
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an...
Google Chrome < 40.0.2214.111 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 40.0.2214.111. It is, therefore, affected by multiple vulnerabilities as referenced in the 201502stable-channel-update advisory. - The OriginCanAccessServiceWorkers function in...
Vulnerability in contrib module (CVE-2015-0243)
Memory errors in functions in the pgcrypto extension...
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
Information disclosure
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
CVE-2014-8612
CVE-2014-8612 corresponds to multiple FreeBSD kernel SCTP issues. The SCTP_SS_VALUE path allows a local attacker to craft an out-of-bounds stream_id index into stcb->asoc.strmout, enabling 16-bit kernel memory write (memory corruption) and, via the function pointer path, arbitrary write of a 1...
CVE-2014-8612
Removed by vendor...