GHSA-C2HM-MJXV-89R4 Multiple soundness issues in lexical

lexical contains multiple soundness issues: 1. Bytes::read allows creating instances of types with invalid bit patterns 1. BytesIter::read advances iterators out of bounds 1. The BytesIter trait has safety invariants but is public and not marked unsafe 1. writefloat calls MaybeUninit::assumeinit ...

RUSTSEC-2023-0055 Multiple soundness issues

lexical contains multiple soundness issues: 1. Bytes::read allows creating instances of types with invalid bit patterns 1. BytesIter::read advances iterators out of bounds 1. The BytesIter trait has safety invariants but is public and not marked unsafe 1. writefloat calls MaybeUninit::assumeinit ...

SUSE CVE-2010-4645

strtod.c, as used in the zendstrtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service infinite loop via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU...

MGASA-2016-0013 Updated mono packages fix security vulnerability

It was found that float-parsing code used in Mono before 4.2 is derived from code vulnerable to CVE-2009-0689. The issue concerns the 'freelist' array, which is a global array of 16 pointers to 'Bigint'. This array is part of a memory allocation and reuse system which attempts to reduce the numbe...

Mageia: Security Advisory (MGASA-2016-0013)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Android 2.0/2.1 - Use-After-Free Remote Code Execution on Webkit

No description provided by source. Exploit Title: Android 2.0/2.1 Use-After-Free Remote Code Execution on Webkit Date: 14/11/2010 Author: Itzhak Avraham, mj Tested on: Droid 2.1 CVE : CVE-2010-1807 Better exploit better rate and more flexible for changes, also shorter shellcode than what you have...

ruby: heap overflow in floating point parsing

Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a string that is converted to...

DEBIAN-CVE-2012-3480

Multiple integer overflows in the 1 strtod, 2 strtof, 3 strtold, 4 strtodl, and other unspecified "related functions" in stdlib in GNU C Library aka glibc or libc6 2.16 allow local users to cause a denial of service application crash and possibly execute arbitrary code via a long string, which...