126 matches found
CVE-2016-6508
epan/dissectors/packet-rlc.c in the RLC dissector in Wireshark 1.12.x before 1.12.13 and 2.x before 2.0.5 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (large loop) via a crafted packet...
CVE-2014-9792
arch/arm/mach-msm/ipc_router.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices uses an incorrect integer data type, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769399 and Qualcomm internal bug CR550606...
Buffer overflow
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impa...
CVE-2016-4562
The DrawDashPolygon function in MagickCore/draw.c in ImageMagick before 6.9.4-0 and 7.x before 7.0.1-2 mishandles calculations of certain vertices integer data, which allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impa...
KLA10796 Multiple vulnerabilities in Wireshark
Multiple vulnerabilities were found in Wireshark. By exploiting these vulnerabilities, malicious users can cause denial of service. These vulnerabilities can be exploited remotely by injecting a malformed packet. Technical details: These vulnerabilities can be exploited remotely via vectors related...
CVE-2016-2315
revision.c in git before 2.7.4 uses an incorrect integer data type, which allows remote attackers to execute arbitrary code via a (1) long filename or (2) many nested trees, leading to a heap-based buffer overflow...
Wireshark Bluetooth Attribute Parser Denial of Service Vulnerability
Wireshark is the most popular network protocol parser. The get_value function in the Bluetooth Attribute parser epan/dissectors/packet-btatt.c in Wireshark 2.0.x prior to 2.0.1 uses incorrect integer data types, allowing remote attackers to cause a denial of service (invalid write operation...
CVE-2015-8735
The get_value function in epan/dissectors/packet-btatt.c in the Bluetooth Attribute (aka BT ATT) dissector in Wireshark 2.0.x before 2.0.1 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (invalid write operation and application crash) via a crafted packe...
SOL17313 - PHP vulnerability CVE-2014-4721
The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process...
CVE-2015-6245
epan/dissectors/packet-gsm_rlcmac.c in the GSM RLC/MAC dissector in Wireshark 1.12.x before 1.12.7 uses incorrect integer data types, which allows remote attackers to cause a denial of service (infinite loop) via a crafted packet...
UBUNTU-CVE-2015-4148
The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string, which allows remote attackers to obtain sensitive information by providing crafted serialized data with an int data type, related to a...
CVE-2014-8147
The resolveImplicitLevels function in common/ubidi.c in the Unicode Bidirectional Algorithm implementation in ICU4C in International Components for Unicode (ICU) before 55.1 uses an integer data type that is inconsistent with a header file, which allows remote attackers to cause a denial of service...
CVE-2015-2190
epan/proto.c in Wireshark 1.12.x before 1.12.4 does not properly handle integer data types greater than 32 bits in size, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted packet that is improperly handled by the LLDP dissector...
F5 Networks BIG-IP : Linux kernel vulnerability (K14445)
The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type. CVE-2013-2094 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution K14445. The text...
Type confusion
The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process...