Lucene search
K

36 matches found

RedhatCVE
RedhatCVE
added 2017/12/11 4:50 p.m.33 views

CVE-2017-17426

The malloc function in the GNU C Library aka glibc or libc6 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZEMAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache aka tcache feature...

8.1CVSS3.8AI score0.01604EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2017/12/05 5:29 p.m.4 views

CVE-2017-17426

The malloc function in the GNU C Library aka glibc or libc6 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZEMAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache aka tcache feature...

8.1CVSS5.8AI score0.01604EPSS
Exploits1References4
Prion
Prion
added 2017/12/05 5:29 p.m.18 views

Integer overflow

The malloc function in the GNU C Library aka glibc or libc6 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZEMAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache aka tcache feature...

6.8CVSS8.4AI score0.01604EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2017/12/05 5:29 p.m.20 views

CVE-2017-17426

The malloc function in the GNU C Library aka glibc or libc6 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZEMAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache aka tcache feature...

8.1CVSS8.1AI score0.01604EPSS
Exploits1References2
OSV
OSV
added 2017/12/05 5:29 p.m.29 views

CVE-2017-17426

The malloc function in the GNU C Library aka glibc or libc6 2.26 could return a memory block that is too small if an attempt is made to allocate an object whose size is close to SIZEMAX, potentially leading to a subsequent heap overflow. This occurs because the per-thread cache aka tcache feature...

8.1CVSS7AI score
Exploits0References2
CVE
CVE
added 2017/12/05 5:0 p.m.91 views

CVE-2017-17426

CVE-2017-17426 affects the GNU C Library (glibc/libc6) up to version 2.26. The heap overflow arises from an integer overflow check missing in the per-thread cache (tcache) path when allocating an object near SIZE_MAX, potentially allowing code execution. Exploitation details are not provided in t...

8.1CVSS8.5AI score0.01604EPSS
Exploits1References2Affected Software1
0day.today
0day.today
added 2017/11/17 12:0 a.m.19 views

Microsoft Edge Chakra JIT - Lowerer::LowerBoundCheck Incorrect Integer Overflow Check Exploit

Exploit for windows platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1343 Here's a snippet of the method. void Lowerer::LowerBoundCheckIR::Instr const instr ... ifrightOpnd-IsIntConstOpnd IntConstType newOffset; if!IntConstMath::Addoffset,...

7AI score
Exploits0
exploitpack
exploitpack
added 2017/11/16 12:0 a.m.19 views

Microsoft Edge Chakra: JIT - Lowerer::LowerBoundCheck Incorrect Integer Overflow Check

Microsoft Edge Chakra: JIT - Lowerer::LowerBoundCheck Incorrect Integer Overflow Check / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1343 Here's a snippet of the method. void Lowerer::LowerBoundCheckIR::Instr const instr ... ifrightOpnd-IsIntConstOpnd IntConstType newOffset;...

0.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/08/29 12:0 a.m.34 views

Ubuntu 14.04 LTS / 16.04 LTS : Ghostscript vulnerabilities (USN-3403-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3403-1 advisory. Kamil Frankowicz discovered that Ghostscript mishandles references. A remote attacker could use this to cause a denial of service...

7.8CVSS6.7AI score0.0275EPSS
Exploits5References8
Ubuntu
Ubuntu
added 2017/08/28 5:55 p.m.62 views

USN-3403-1: Ghostscript vulnerabilities

Kamil Frankowicz discovered that Ghostscript mishandles references. A remote attacker could use this to cause a denial of service. CVE-2017-11714 Kim Gwan Yeong discovered that Ghostscript could allow a heap-based buffer over-read and application crash. A remote attacker could use a crafted...

7.8CVSS6.5AI score0.0275EPSS
Exploits5
seebug.org
seebug.org
added 2017/08/01 12:0 a.m.35 views

Failed integer overflow check leads to heap overflow in driver /dev/qce (CVE-2016-3935)

No description provided by source. https://github.com/jiayy/androidvulnpoc-exp/tree/master/EXP-CVE-2016-3935...

9.3CVSS7.8AI score0.00543EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2017/07/27 1:20 p.m.32 views

CVE-2017-9835

The gsallocrefarray function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer...

7.8CVSS6.7AI score0.02685EPSS
Exploits1References1
NVD
NVD
added 2017/07/26 7:29 p.m.15 views

CVE-2017-9835

The gsallocrefarray function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer...

7.8CVSS7.5AI score0.02685EPSS
Exploits1References5
OSV
OSV
added 2017/07/26 7:29 p.m.27 views

CVE-2017-9835

The gsallocrefarray function in psi/ialloc.c in Artifex Ghostscript 9.21 allows remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document. This is related to a lack of an integer...

7.8CVSS7.9AI score
Exploits0References5
Hacker One
Hacker One
added 2017/06/18 5:17 p.m.42 views

Internet Bug Bounty: Unsafe arithmetic in PyString_DecodeEscape

I have submitted a vulnerability that has now been fixed. The report includes a proof of concept that demonstrates reliable heap corruption through integer overflow. I also submitted a patch which was accepted and merged. https://bugs.python.org/issue30657 --- In Python 2.7, there is a possible...

8AI score
Exploits0
OpenVAS
OpenVAS
added 2012/07/30 12:0 a.m.38 views

CentOS Update for kernel CESA-2010:0936 centos4 x86_64

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

7.8CVSS5.5AI score0.05542EPSS
Exploits0References2
Rows per page
Query Builder