17 matches found
Denial Of Services (DoS)
graphql-java is vulnerable to Denial Of Services DoS. An attacker can send a maliciously crafted GraphQL query that causes excessive stack consumption, which can lead to an application crash...
SUSE-SU-2020:0860-1 Security update for exiv2
This update for exiv2 fixes the following issues: - CVE-2018-17581: Fixed an excessive stack consumption in CiffDirectory:readDirectory which might have led to denial of service bsc1110282. - CVE-2019-13110: Fixed an integer overflow and an out of bounds read in CiffDirectory:readDirectory which...
Huawei EulerOS: Security Advisory for exiv2 (EulerOS-SA-2019-2576)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : exiv2 (EulerOS-SA-2020-1003)
According to the versions of the exiv2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service excessive memory...
NewStart CGSL CORE 5.05 / MAIN 5.05 : exiv2 Multiple Vulnerabilities (NS-SA-2019-0229)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has exiv2 packages installed that are affected by multiple vulnerabilities: - In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the == 0x1c case...
CVE-2018-19881
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service recursive calls followed by a fitz/xml.c fzxmlatt crash from excessive stack consumption via a crafted svg file, as demonstrated by mupdf-gl...
CVE-2018-19881
In Artifex MuPDF 1.14.0, svg/svg-run.c allows remote attackers to cause a denial of service recursive calls followed by a fitz/xml.c fzxmlatt crash from excessive stack consumption via a crafted svg file, as demonstrated by mupdf-gl...
Design/Logic Flaw
CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...
PYSEC-2018-139
CiffDirectory::readDirectory at crwimageint.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service...
Security Bulletin: Aspera OnDemand is affected by an openSSL vulnerability (CVE-2018-0739)
Summary Aspera OnDemand has addressed the following openSSL vulnerability. Vulnerability Details CVEID: CVE-2018-0739 DESCRIPTION: OpenSSL is vulnerable to a denial of service. By sending specially crafted ASN.1 data with a recursive definition, a remote attacker could exploit this vulnerability ...
CVE-2017-1082
In FreeBSD 11.x before 11.1-RELEASE and 10.x before 10.4-RELEASE, the qsort algorithm has a deterministic recursion pattern. Feeding a pathological input to the algorithm can lead to excessive stack usage and potential overflow. Applications that use qsort to handle large data set may crash if th...
Denial of service
An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5Pgetcb in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service...
CVE-2018-15671
An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5Pgetcb in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service...
CVE-2018-15671
An issue was discovered in the HDF HDF5 1.10.2 library. Excessive stack consumption has been detected in the function H5Pgetcb in H5Pint.c during an attempted parse of a crafted HDF file. This results in denial of service...
openSUSE: Security Advisory for tboot (openSUSE-SU-2017:3100-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2017-9763
The grubext2readblock function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote attackers to cause a denial of service excessive stack use and application crash via a crafted binary file, related to use of a variable-size stack array...
IBM solidDB 6.5 < 6.5.0.8 Multiple Denial of Service Vulnerabilities
The remote database system is affected by multiple denial of service vulnerabilities : - Sending packets with many integer fields can trigger several recursive calls of a certain function causing an excessive amount of stack memory consumption. CVE-2010-4055, IC80074 - Upon receiving a packet...