CVE-2023-29408

The TIFF decoder does not place a limit on the size of compressed tile data. A maliciously-crafted image can exploit this to cause a small image both in terms of pixel width/height, and encoded size to make the decoder decode large amounts of compressed data, consuming excessive memory and CPU...

K11400411: BIG-IP APM RADIUS authentication vulnerability CVE-2020-5924

Security Advisory Description RADIUS authentication leaks memory when the username for authentication is not set. CVE-2020-5924 Impact This issue may lead to excessive memory consumption. On a BIG-IP system that is configured for high availability HA, this vulnerability may cause a failover event...

CVE-2021-3479

There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability...

Debian DLA-2016-1 : ssvnc security update

Several vulnerabilities have been identified in the VNC code of ssvnc, an encryption-capable VNC client.. The vulnerabilities referenced below are issues that have originally been reported against Debian source package libvncserver which also ships the libvncclient shared library. The ssvnc sourc...

Python -- DoS via malformed XML-RPC / HTTP POST request

Jan Lieskovsky reports, A denial of service flaw was found in the way Simple XML-RPC Server module of Python processed client connections, that were closed prior the complete request body has been received. A remote attacker could use this flaw to cause Python Simple XML-RPC based server process ...