xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing.

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...

CVE-2018-25367 NASA openVSP 3.16.1 Denial of Service via Buffer Overflow

NASA openVSP 3.16.1 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an excessively long string in the geometry name field. Attackers can trigger a denial of service by pasting a 5000-byte payload into the name input field within the Geom...

CVE-2026-34000

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...

OSV-2022-904 Heap-use-after-free in std::__1::pair<std::__1::__tree_iterator<std::__1::__value_type<geos::geom::Coor

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51406 Crash type: Heap-use-after-free READ 8 Crash state: std::1::pairstd::1::treeiteratorstd::1::valuetypegeos::geom::Coor geos::geomgraph::NodeMap::addNode geos::geomgraph::GeometryGraph::addSelfIntersectionNode...

OSV-2022-861 Heap-use-after-free in std::__1::pair<std::__1::__tree_iterator<std::__1::__value_type<geos::geom::Coor

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51083 Crash type: Heap-use-after-free READ 8 Crash state: std::1::pairstd::1::treeiteratorstd::1::valuetypegeos::geom::Coor geos::geomgraph::NodeMap::addNode geos::operation::overlay::OverlayOp::copyPoints...

NASA openVSP 3.16.1 Denial Of Service

Exploit Title: NASA openVSP 3.16.1 - Denial of Service PoC Exploit Author : L0RD Date: 2018-08-28 Vendor Homepage : https://software.nasa.gov/software/LAR-17491-1 Software link: https://github.com/nasa/OpenVSP Version: 3.16.1 Tested on: Windows 10 CVE: N/A Description : The Vehicle Sketch Pad VSP...

NASA openVSP 3.16.1 - Denial of Service (PoC)

Exploit Title: NASA openVSP 3.16.1 - Denial of Service PoC Exploit Author : L0RD Date: 2018-08-28 Vendor Homepage : https://software.nasa.gov/software/LAR-17491-1 Software link: https://github.com/nasa/OpenVSP Version: 3.16.1 Tested on: Windows 10 CVE: N/A Description : The Vehicle Sketch Pad VSP...

NASA openVSP 3.16.1 - Denial of Service Exploit

Exploit for windows platform in category dos / poc Exploit Title: NASA openVSP 3.16.1 - Denial of Service PoC Exploit Author : L0RD Vendor Homepage : https://software.nasa.gov/software/LAR-17491-1 Software link: https://github.com/nasa/OpenVSP Version: 3.16.1 Tested on: Windows 10 CVE: N/A...

The vulnerability of the Flash Player software, which allows a violator to execute arbitrary code

The vulnerability of the Transform object implementation in the Flash Player software platform is related to the use of memory after it is freed. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute arbitrary code using the reverse invocation of...

CVE-2016-1016

Use-after-free vulnerability in the Transform object implementation in Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code via a flash.geom.Matrix callback, a different...

Design/Logic Flaw

The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for attackers to predict the function's return values and conduct certain attacks against the GEOM framework and various...

CVE-2008-5162

The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for attackers to predict the function's return values and conduct certain attacks against the GEOM framework and various...

CVE-2008-5162

The CVE-2008-5162 entry concerns FreeBSD kernel arc4random(9) and its entropy source during the first boot minutes. Technical details across connected docs show: affected software is FreeBSD 6.3–7.1 kernels; problem is insufficient entropy immediately after boot, delaying reseeding from Yarrow an...

CVE-2008-5162

The arc4random function in the kernel in FreeBSD 6.3 through 7.1 does not have a proper entropy source for a short time period immediately after boot, which makes it easier for attackers to predict the function's return values and conduct certain attacks against the GEOM framework and various...

PT-2008-6306 · Freebsd · Freebsd

Name of the Vulnerable Software and Affected Versions: FreeBSD versions 6.3 through 7.1 Description: The issue is related to the arc4random function in the kernel, which lacks a proper entropy source for a short time period immediately after boot. This makes it easier for attackers to predict the...

FreeBSD Security Advisory FreeBSD-SA-08:11.arc4random

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-08.11.arc4random Security Advisory The FreeBSD Project Topic: arc4random9 predictable sequence vulnerability Category: core Module: sys Announced: 2008-11-24...

FreeBSD -- arc4random(9) predictable sequence vulnerability

Problem Description: When the arc4random9 random number generator is initialized, there may be inadequate entropy to meet the needs of kernel systems which rely on arc4random9; and it may take up to 5 minutes before arc4random9 is reseeded with secure entropy from the Yarrow random number...