
32 matches found

CVE
added 2026/04/22 2:57 p.m., 3 views

CVE-2018-25266

Angry IP Scanner 3.5.3 contains a local buffer overflow in the preferences dialog that can crash the application when a massive string is supplied (e.g., a file with a huge buffer pasted into the display preferences field). The issue enables local denial of service by overflowing a field with rep...

CVSS 6.9, AI score 6.1, EPSS 0.00016
Exploits: 1, References: 3, Affected Software: 1
Vulnrichment
added 2024/11/08 5:0 a.m., 23 views

CVE-2024-21538

Versions of the package cross-spawn before 6.0.6, from 7.0.0 and before 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS) due to improper input sanitization. An attacker can increase the CPU usage and crash the program by crafting a very large and well crafted string...

CVSS 8.7, AI score 6.1, EPSS 0.00069
Exploits: 0, References: 5
SUSE CVE
added 2023/02/15 5:27 a.m., 1 views

SUSE CVE-2014-5116

The cairo_image_surface_get_data function in Cairo 1.10.2, as used in GTK+ and Wireshark, allows context-dependent attackers to cause a denial of service (NULL pointer dereference) via a large string...

CVSS 5, AI score 7.2, EPSS 0.05838
Exploits: 1, References: 3
SUSE CVE
added 2023/02/15 3:24 a.m., 0 views

SUSE CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

CVSS 6.3, AI score 7.6, EPSS 0.54845
Exploits: 2, References: 61
RedHat Linux
added 2023/01/23 3:29 p.m., 3 views

sqlite: an array-bounds overflow if billions of bytes are used in a string argument to a C API

An array-bounds overflow vulnerability was discovered in SQLite. The vulnerability occurs when handling an overly large input passed as a string argument to some of the C-language APIs provided by SQLite. This flaw allows a remote attacker to pass specially crafted large input to the application...

CVSS 7.5, AI score 7.3, EPSS 0.54845
Exploits: 2, References: 6
OSV
added 2022/11/03 1:6 p.m., 0 views

USN-5712-1 sqlite3 vulnerability

It was discovered that SQLite did not properly handle large string inputs in certain circumstances. An attacker could possibly use this issue to cause a denial of service or arbitrary code execution...

CVSS 7.5, AI score 7.2, EPSS 0.54845
Exploits: 2, References: 2
OSV
added 2022/09/09 11:4 a.m., 1 views

OESA-2022-1909 sqlite security update

SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications...

CVSS 7.5, AI score 7.7, EPSS 0.54845
Exploits: 2, References: 2
OSV
added 2022/08/03 6:15 a.m., 1 views

ALPINE-CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

CVSS 7.5, AI score 7.2, EPSS 0.54845
Exploits: 2, References: 1
OSV
added 2022/08/03 6:15 a.m., 1 views

DEBIAN-CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

CVSS 7.5, AI score 7.5, EPSS 0.54845
Exploits: 2, References: 1
UbuntuCve
added 2022/08/03 6:15 a.m., 38 views

CVE-2022-35737

SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API...

CVSS 7.5, AI score 7, EPSS 0.54845
Exploits: 2, References: 5
OSV
added 2021/12/14 9:36 p.m., 63 views

GHSA-5CQM-CRXM-6QPV Buffer overrun in CGI.escape_html

A buffer overrun vulnerability was discovered in CGI.escape_html. This can lead to a buffer overflow when a user passes a very large string (700 MB) to CGI.escape_html on a platform where long type takes 4 bytes, typically, Windows...

CVSS 9.8, AI score 9.5, EPSS 0.00483
Exploits: 1, References: 17
Veracode
added 2021/11/25 5:8 p.m., 18 views

Denial Of Service (DoS)

Ruby is vulnerable to denial of service. An attacker can crash the application through CGI.escape_html by providing a very large string...

CVSS 9.8, AI score 3.1, EPSS 0.00483
Exploits: 1, References: 12, Affected Software: 4
RedHat Linux
added 2021/04/13 12:11 p.m., 2 views

kernel: heap buffer overflow in the iSCSI subsystem

A flaw was found in the Linux kernel. A heap buffer overflow in the iSCSI subsystem is triggered by setting an iSCSI string attribute to a value larger than one page and then trying to read it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system...

CVSS 7.8, AI score 6.9, EPSS 0.00335
Exploits: 1, References: 5
RedHat Linux
added 2019/08/19 8:42 a.m., 3 views

php: Stack-based buffer under-read in php_stream_url_wrap_http_ex() in http_fopen_wrapper.c when parsing HTTP response

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string...

CVSS 9.8, AI score 7.5, EPSS 0.83066
Exploits: 3, References: 4
Veracode
added 2018/02/23 4:0 a.m., 7 views

Regular Expression Denial Of Service (ReDoS)

bassmaster is vulnerable to regular expression denial of service (ReDoS) attacks. These attacks are possible because the regex which is used for checking pipelines for valid URLs can be given an extremely large string to make the application hang...

AI score 6.6
Exploits: 0
UbuntuCve
added 2017/10/18 2:29 p.m., 32 views

CVE-2011-5320

scanf and related functions in glibc before 2.15 allow local users to cause a denial of service (segmentation fault) via a large string of 0s...

CVSS 6.2, AI score 6.8, EPSS 0.0006
Exploits: 1, References: 2
Packet Storm
added 2017/04/10 12:0 a.m., 85 views

Moxa MXView 2.8 Denial Of Service

Credits: John Page AKA hyp3rlinx; Website: hyp3rlinx.altervista.org; Source: http://hyp3rlinx.altervista.org/advisories/MOXA-MXVIEW-v2.8-DENIAL-OF-SERVICE.txt; ISR: ApparitionSec; Vendor: www.moxa.com; Product: MXView v2.8; Download:...

EPSS 0.10539
Exploits: 5
0day.today
added 2017/04/10 12:0 a.m., 56 views

Moxa MXview v2.8 Denial Of Service Exploit

Exploit for Windows platform in category dos / poc. Credits: John Page AKA hyp3rlinx; Vendor: www.moxa.com; Product: MXView v2.8; Download: http://www.moxa.com/product/MXstudio.htm; MXview Industrial Network Management Software. Auto discovery of network devices and physical...

CVSS 5, AI score 7.6, EPSS 0.10539
Exploits: 5
OSV
added 2015/04/15 12:0 a.m., 31 views

DLA-200-1 ruby1.9.1 - security update

Bulletin has no description...

CVSS 5, AI score 6.1, EPSS 0.15626
Exploits: 2
OSV
added 2015/04/14 6:59 p.m., 1 views

DEBIAN-CVE-2015-2831

Buffer overflow in das_watchdog 0.9.0 allows local users to execute arbitrary code with root privileges via a large string in the XAUTHORITY environment variable...

CVSS 7.2, AI score 7.9, EPSS 0.00054
Exploits: 0, References: 1