11191 matches found
CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
DEBIAN-CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
Integer overflow
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
CVE-2014-9670
Multiple integer signedness errors in the pcfgetencodings function in pcf/pcfread.c in FreeType before 2.5.4 allow remote attackers to cause a denial of service integer overflow, NULL pointer dereference, and application crash via a crafted PCF file that specifies negative values for the first...
CVE-2014-9670
CVE-2014-9670 : In FreeType before 2.5.4, multiple integer signedness errors in the pcf_get_encodings function (pcf/pcfread.c) can be triggered by a crafted PCF file with negative values for the first column and first row, enabling a remote attacker to cause a denial of service via integer overfl...
Google Chrome < 40.0.2214.111 Multiple Vulnerabilities
The version of Google Chrome installed on the remote Windows host is prior to 40.0.2214.111. It is, therefore, affected by multiple vulnerabilities as referenced in the 201502stable-channel-update advisory. - The OriginCanAccessServiceWorkers function in...
UBUNTU-CVE-2015-0244
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an...
Vulnerability in contrib module (CVE-2015-0243)
Memory errors in functions in the pgcrypto extension...
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
Information disclosure
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
CVE-2014-8612
CVE-2014-8612 corresponds to multiple FreeBSD kernel SCTP issues. The SCTP_SS_VALUE path allows a local attacker to craft an out-of-bounds stream_id index into stcb->asoc.strmout, enabling 16-bit kernel memory write (memory corruption) and, via the function pointer path, arbitrary write of a 1...
CVE-2014-8612
Removed by vendor...
CVE-2014-8612
Multiple array index errors in the Stream Control Transmission Protocol SCTP module in FreeBSD 10.1 before p5, 10.0 before p17, 9.3 before p9, and 8.4 before p23 allow local users to 1 gain privileges via the stream id to the setsockopt function, when setting the SCTIPSSVALUE option, or 2 read...
Oracle VirtualBox Multiple DoS Vulnerabilities (Feb 2015) - Linux
Oracle VirtualBox is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:vmvirtualbox";...
UBUNTU-CVE-2015-1359
Multiple off-by-one errors in fpdfapi/fpdffont/fontint.h in PDFium, as used in Google Chrome before 40.0.2214.91, allow remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a crafted PDF document, related to an "intra-object-overflow" issue, ...
chromium-browser: caching error in AppCache
The AppCacheUpdateJob::URLFetcher::OnResponseStarted function in content/browser/appcache/appcacheupdatejob.cc in Google Chrome before 40.0.2214.91 proceeds with AppCache caching for SSL sessions even if there is an X.509 certificate error, which allows man-in-the-middle attackers to spoof HTML5...
CVE-2015-1359
Removed by vendor...