CVE-2014-9801

Multiple integer overflows in lib/libfdt/fdtrw.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28822060 and Qualcomm internal bug CR705078...

CVE-2015-8891

Multiple integer overflows in app/aboot/aboot.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices allow attackers to bypass intended access restrictions via a crafted image, aka Android internal bug 28842418 and Qualcomm internal bug CR813930...

CVE-2014-9802

CVE-2014-9802: Concrete details found in CNVD-2016-04811 and related records show an integer overflow in lib/libfdt/fdt.c within the Qualcomm component on Android, affecting Nexus 5 and Nexus 7 (2013) devices. Root cause: integer overflow in the FDT parser leads to privilege escalation when proce...

CVE-2014-9802

Multiple integer overflows in lib/libfdt/fdt.c in the Qualcomm components in Android before 2016-07-05 on Nexus 5 and 7 2013 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28821965 and Qualcomm internal bug CR705108...

CVE-2014-9801

CVE-2014-9801 concerns Android components on Nexus 5 (Qualcomm) where multiple integer overflows in lib/libfdt/fdt_rw.c can be triggered by a crafted application to gain privileges. The issue is described as an Android internal bug 28822060 and a Qualcomm internal bug CR705078, affecting Qualcomm...

MGASA-2016-0238 Updated php packages fix security vulnerability

php-mbstring phpmbregexeregreplaceexec - double free CVE-2016-5768. php-mcrypt heap Overflow due to integer overflows CVE-2016-5769. php-SPL int/sizet confusion in SplFileObject::fread CVE-2016-5770. php-SPL Use After Free Vulnerability in PHP's GC algorithm and unserialize CVE-2016-5771. php-WDD...

CVE-2016-5769

Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted length value,...

CVE-2016-5769

Multiple integer overflows in mcrypt.c in the mcrypt extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allow remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted length value,...

SUSE SLED12 / SLES12 Security Update : expat (SUSE-SU-2016:1508-1)

This update for expat fixes the following issues : Security issue fixed : - CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of malformed input documents. bsc979441 - CVE-2015-1283: Fix multiple integer overflows. bnc980391 Note that Tenable Network Security has extracted the...

CVE-2016-2538

Multiple integer overflows in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service QEMU process crash or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the 1...

DEBIAN-CVE-2016-2538

Multiple integer overflows in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service QEMU process crash or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the 1...

CVE-2016-2538

CVE-2016-2538 : In QEMU, the USB Net device emulator (hw/usb/dev-network.c) contains multiple integer overflows in versions before 2.5.1. This can allow local guest OS administrators to crash the QEMU process (denial of service) and, in some cases, leak host memory via a remote NDIS control messa...

CVE-2016-2538

Multiple integer overflows in the USB Net device emulator hw/usb/dev-network.c in QEMU before 2.5.1 allow local guest OS administrators to cause a denial of service QEMU process crash or obtain sensitive host memory information via a remote NDIS control message packet that is mishandled in the 1...

CVE-2016-4355

Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service crash via crafted BER data, which leads to a buffer overflow...

CVE-2016-4355

Multiple integer overflows in ber-decoder.c in Libksba before 1.3.3 allow remote attackers to cause a denial of service crash via crafted BER data, which leads to a buffer overflow...

CVE-2016-2463

Multiple integer overflows in the h264dec component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media...

CVE-2016-2463

Multiple integer overflows in the h264dec component in libstagefright in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media...

CVE-2016-1951

Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime NSPR before 4.12 allow remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a long string to a PRprintf function...

CVE-2016-1951

Multiple integer overflows in io/prprf.c in Mozilla Netscape Portable Runtime NSPR before 4.12 allow remote attackers to cause a denial of service buffer overflow or possibly have unspecified other impact via a long string to a PRprintf function...

openSUSE Security Update : expat (openSUSE-2016-695)

This update for expat fixes the following issues : Security issue fixed : - CVE-2016-0718: Fix Expat XML parser that mishandles certain kinds of malformed input documents. bsc979441 - CVE-2015-1283: Fix multiple integer overflows. bnc980391 This update was imported from the SUSE:SLE-12:Update...