Amazon Linux AMI : php56 (ALAS-2016-753)

ext/standard/varunserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via an unserialize call that references a partially constructed object...

Medium: php70

Issue Overview: ext/mysqlnd/mysqlndwireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNEDFLAG flag, which allows remote MySQL servers to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via crafted...

CVE-2016-6692

drivers/video/msm/mdss/mdssmdppp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933...

CVE-2016-6692

drivers/video/msm/mdss/mdssmdppp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933...

CVE-2016-6692

drivers/video/msm/mdss/mdssmdppp.c in the Qualcomm MDSS driver in Android before 2016-10-05 allows attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via unknown vectors, aka Qualcomm internal bug CR 1004933...

CVE-2016-7418

The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid pointer access and out-of-bounds read or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document,...

CVE-2016-7418

The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid pointer access and out-of-bounds read or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document,...

CVE-2016-7418

The phpwddxpushelement function in ext/wddx/wddx.c in PHP before 5.6.26 and 7.x before 7.0.11 allows remote attackers to cause a denial of service invalid pointer access and out-of-bounds read or possibly have unspecified other impact via an incorrect boolean element in a wddxPacket XML document,...

FFmpeg ff_mpv_common_init Denial of Service Vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'ffmpvcommoninit' function in the libavcodec/mpegvideo.c file in versions of FFmpeg prior to 2.7.2, which arises from a failure of the program to...

CVE-2015-6826

The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...

CVE-2015-6825

The ffframethreadinit function in libavcodec/pthreadframe.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via a crafted file, as demonstrated by an A...

CVE-2015-6821

The ffmpvcommoninit function in libavcodec/mpegvideo.c in FFmpeg before 2.7.2 does not properly maintain the encoding context, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted MPEG data...

UBUNTU-CVE-2015-6825

The ffframethreadinit function in libavcodec/pthreadframe.c in FFmpeg before 2.7.2 mishandles certain memory-allocation failures, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via a crafted file, as demonstrated by an A...

CVE-2015-6826

CVE-2015-6826 affects FFmpeg’s libavcodec/rv34.c: the function ff_rv34_decode_init_thread_copy does not initialize certain structure members, which can allow a remote attacker to trigger a denial of service (invalid pointer access) or other impact via crafted RealVideo data (RV30 or RV40). The vu...

CVE-2015-6825

FFmpeg vulnerability CVE-2015-6825 affects libavcodec/pthread_frame.c, where ff_frame_thread_init mishandles certain memory-allocation failures, enabling remote attackers to trigger a denial of service via a crafted AVI file (invalid pointer access). The issue is documented across multiple source...

CVE-2015-6826

The ffrv34decodeinitthreadcopy function in libavcodec/rv34.c in FFmpeg before 2.7.2 does not initialize certain structure members, which allows remote attackers to cause a denial of service invalid pointer access or possibly have unspecified other impact via crafted 1 RV30 or 2 RV40 RealVideo dat...

Design/Logic Flaw

RealNetworks RealPlayer before 16.0.0.282 and RealPlayer SP 1.0 through 1.1.5 allow remote attackers to execute arbitrary code via a RealAudio file that triggers access to an invalid pointer...

CVE-2010-3830

CVE-2010-3830 : The connected sources confirm a vulnerability in Apple iOS prior to 4.2 where an invalid pointer is accessed during the processing of packet filter rules. This flaw can allow local users to gain privileges via unspecified vectors. The affected product is iOS; the root cause is the...