15 matches found
BIT-LIBPHP-2022-4900 Potential buffer overflow in php_cli_server_startup_workers
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow...
CVE-2025-21475
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value...
CVE-2025-21475
Memory corruption while processing escape code, when DisplayId is passed with large unsigned value...
jose2go Security Vulnerabilities
jose2go is a Golang implementation of the Javascript object signing and encryption specification for individual developers at DV. A security vulnerability exists in jose2go versions prior to 1.6.0, which originated from a vulnerability that allows an attacker to cause a denial of service via a...
The getMaxTreeBrackets function does not handle the case when the suffixes array cannot be created due to memory constraints.
Lines of code Vulnerability details Impact if MaxTreeHeight is set to a very large value, such as 10^9, and twoSubstringLength is also set to a large value, such as 100, then the suffixes array would require 10^9 * 100 bytes of memory to be created. If the contract does not have that much memory...
TimeswapPair.sol#borrow() Improper implementation allows attacker to increase pool.state.z to a large value
Handle WatchPug Vulnerability details In the current implementation, borrow takes a user input value of zIncrease, while the actual collateral asset transferred in is calculated at L319, the state of pool.state.z still increased by the value of the user's input at L332. Even though a large number...
SciKit-Learn 0.23.2 Denial Of Service
Description: svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced via pickle, json, or any other model permanence technique) with a large value in the nsuppo...
Denial Of Service (DoS)
FFmpeg is vulnerable to denial of service (DoS) attacks. A malicious user can pass a file which contains a large item_num value to bypass the large value checking, causing the file to consume a large amount of memory that can lead to memory exhaustion in the system...
CVE-2017-14169
In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 - 2.4, an integer signedness error might occur when a crafted file, which claims a large "item_num" field such as 0xffffffff, is provided. As a result, the variable "item_num" turns negative, bypassing the check for a large...
py-pillow -- Integer overflow in Resample.c
The Pillow maintainers report: If a large value was passed into the new size for an image, it is possible to overflow an int32 value passed into malloc, leading the malloc’d buffer to be undersized. These allocations are followed by a loop that writes out of bounds. This can lead to corruption on...
HackerOne: Potential denial of service in hackerone.com/<program>/reward_settings
While setting the bounty for the program, if I set the bounty to a large value over 1,000,000 digits and send the request the website hangs for about a minute and a half, then pops up an error page saying there is an error on Hackerone's Host end. Time taken to respond : 76856 Millisecond = 76.85...
PYSEC-2014-41
python_scripts.py in Plone before 4.2.3 and 4.3 before beta 1 allows remote attackers to cause a denial of service (memory consumption) via a large value, related to formatColumns...
Raven Software Soldier Of Fortune 2 Ignore Command Remote Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14098/info A remote denial of service vulnerability affects Raven Software Soldier Of Fortune 2. The problem presents itself specifically when the affected server application receives an excessively large value through a...
Opera Denial Of Service
!/usr/bin/perl Title : Opera 10.10 Remote Code Execution DoS Exploit Tested : Windows xp sp2 Description : Opera Web Browser is vulnerable DoS within its javascript tags alert This issue can be exploited by using a large value in a alert tags to create an out-of-bounds memory access This have in...
Raven Software Soldier Of Fortune 2 - Ignore Command Remote Denial of Service
Raven Software Soldier Of Fortune 2 - Ignore Command Remote Denial of Service source: https://www.securityfocus.com/bid/14098/info A remote denial of service vulnerability affects Raven Software Soldier Of Fortune 2. The problem presents itself specifically when the affected server application...