18 matches found
EUVD-2016-6251
Malware in sbrugna...
UBUNTU-CVE-2024-56681
In the Linux kernel, the following vulnerability has been resolved: crypto: bcm - add error check in the ahashhmacinit function The ahashinit functions may return fails. The ahashhmacinit should not return ok when ahashinit returns error. For an example, ahashinit will return -ENOMEM when...
ipv6: sr: fix memleak in seg6_hmac_init_algo
...
K70938105: Expat XML library vulnerability CVE-2016-5300
Security Advisory Description The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete...
SUSE CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
UBUNTU-CVE-2023-0401
A NULL pointer can be dereferenced when signatures are being verified on PKCS7 signed or signedAndEnveloped data. In case the hash algorithm used for the signature is known to the OpenSSL library but the implementation of the hash algorithm is not available the digest initialization will fail...
Zoom Client Trust Management Issue Vulnerability
Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A trust management issue vulnerability exists in Zoom Client for Meetings version 4.6.11, which stems from the airhost.exe file initializing the SHA-256 hash value of the...
EulerOS 2.0 SP5 : expat (EulerOS-SA-2019-1666)
According to the versions of the expat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple integer overflows in the XMLGetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products,...
Denial Of Service (DoS)
expat is susceptible to denial of service DoS attacks. The vulnerability is due to an incomplete fix of CVE-2012-0876 which leads to insufficient entropy for hash initialization...
DEBIAN-CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
ALPINE-CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
Code injection
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
lib32-expat: multiple issues
CVE-2012-6702 predictable random numbers It was found that when calling XMLParse ahead of rand, it causes the pseudo random generator to generate non-random predictable numbers. - CVE-2016-5300 denial of service It was found that original fix for CVE-2012-0876 used too little entropy for the hash...
UBUNTU-CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service CPU consumption via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876...
php -- memory_limit related vulnerability
Stefan Esser of e-matters discovered a condition within PHP that may lead to remote execution of arbitrary code. The memorylimit facility is used to notify functions when memory contraints have been met. Under certain conditions, the entry into this facility is able to interrupt functions such as...