3104 matches found
CVE-2016-8859
Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write...
CVE-2016-8859
CVE-2016-8859 affects TRE and musl libc. The TRE library experienced multiple integer overflows in its regex/memory-handling paths, enabling memory corruption and an out-of-bounds write when processing large numbers of states or tags. Public advisories document this issue across multiple distribu...
USN-3194-1: OpenJDK 7 vulnerabilities
Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3514)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-3514 advisory. - vfio/pci: Fix integer overflows, bitmask check (Vlad Tsyrklevich) [Orabug: 25164094] {CVE-2016-9083} {CVE-2016-9084} - Don't feed anything but regular...
CVE-2017-5885
Multiple integer overflows in the (1) vnc_connection_server_message and (2) vnc_color_map_set functions in gtk-vnc before 0.7.0 allow remote servers to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving SetColorMapEntries, which triggers a buffer overflow...
Unbreakable Enterprise kernel security update
kernel-uek 4.1.12-61.1.27 - vfio/pci: Fix integer overflows, bitmask check (Vlad Tsyrklevich) [Orabug: 25164094] {CVE-2016-9083} {CVE-2016-9084} - Don't feed anything but regular iovec's to blk_rq_map_user_iov (Linus Torvalds) [Orabug: 25231931] {CVE-2016-9576} - kvm: x86: Check memopp before dereference...
CVE-2016-9085
Multiple integer overflows in libwebp allow attackers to have unspecified impact via unknown vectors...
DEBIAN-CVE-2016-9085
Multiple integer overflows in libwebp allow attackers to have unspecified impact via unknown vectors...
CVE-2016-9085
CVE-2016-9085 corresponds to multiple integer overflows in libwebp, affecting the WebP image library (notably the gif2webp tool). The provided connected documents corroborate this vulnerability as involving libwebp with unspecified impact via unknown vectors; no exploit details are included in th...
CVE-2016-10164
Multiple integer overflows in libXpm before 3.5.12, when a program requests parsing XPM extensions on a 64-bit platform, allow remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via (1) the number of extensions or (2) their concatenated length in a crafted XPM...
CVE-2016-10164
Summary: CVE-2016-10164 is a heap-based overflow in libXpm when parsing XPM extensions on 64-bit platforms, potentially enabling DoS or arbitrary code execution. The flaw arises from multiple integer overflows in the extensions parsing path, leading to out-of-bounds writes in the heap. Affected c...
Denial Of Service (DoS)
expat is vulnerable to denial of service (DoS) attacks with the potential for other impacts. The vulnerability exists because there are multiple integer overflows in the XML_GetBuffer function that lead to a heap-based buffer overflow, which may lead to further unspecified impact. This issue is...
USN-3169-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
Severity: Medium. Vendor: Ubuntu. Versions Affected: Ubuntu 14.04 LTS. Description: Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment (CS) in certain error cases. A local attacker could use this to expose sensitive information kernel...
USN-3179-1: OpenJDK 8 vulnerabilities
Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update moves those algorithms to the legacy algorithm set and causes...