Lucene search
K

36 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:36 a.m.4 views

SUSE CVE-2013-4332

Multiple integer overflows in malloc/malloc.c in the GNU C Library aka glibc or libc6 2.18 and earlier allow context-dependent attackers to cause a denial of service heap corruption via a large value to the 1 pvalloc, 2 valloc, 3 posixmemalign, 4 memalign, or 5 alignedalloc functions...

4.3CVSS6.8AI score0.02607EPSS
Exploits1References9
OSV
OSV
added 2022/05/17 2:37 a.m.31 views

GHSA-2MCJ-3R3R-V5WM phpMyAdmin DoS Vulnerability

An issue was discovered in phpMyAdmin. An authorized user can cause a denial-of-service DoS attack on a server by passing large values to a loop. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...

6.5CVSS7.5AI score0.01693EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.11 views

Mageia: Security Advisory (MGASA-2015-0485)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References7
CNNVD
CNNVD
added 2021/04/29 12:0 a.m.6 views

Texas Instruments TI-RTOS-MCU 输入验证错误漏洞

The Texas Instruments TI-RTOS-MCU is an application system from Texas Instruments, Inc. A real-time operating system RTOS for microcontrollers MCUs. Texas Instrument TI-RTOS suffers from an input validation error vulnerability that stems from the fact that when configured to use the HeapMem heap...

7.8CVSS6.3AI score0.00279EPSS
Exploits0References5
CNNVD
CNNVD
added 2021/04/29 12:0 a.m.5 views

Texas Instruments TI-RTOS-MCU 输入验证错误漏洞

The Texas Instruments TI-RTOS-MCU is an application system from Texas Instruments, Inc. A real-time operating system RTOS for microcontrollers MCUs. Texas Instrument TI-RTOS has an input validation error vulnerability that originates from returning a valid pointer to a small buffer on a very larg...

7.8CVSS6.2AI score0.00276EPSS
Exploits0References5
OSV
OSV
added 2021/02/07 8:15 p.m.6 views

UBUNTU-CVE-2020-36242

In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...

9.1CVSS7.1AI score0.06718EPSS
Exploits1References4
OSV
OSV
added 2021/02/07 8:15 p.m.3 views

PYSEC-2021-63

In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...

9.1CVSS7AI score0.06718EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2018/10/10 5:25 p.m.25 views

Denial of Service in memjs

Versions of memjs prior to 1.2.2 are vulnerable to Denial of Service DoS. The package fails to sanitize the value option passed to the Buffer constructor, which may allow attackers to pass large values exhausting system resources. Recommendation Upgrade to version 1.2.2 or later...

9.1CVSS5AI score0.01452EPSS
Exploits1References4Affected Software1
Prion
Prion
added 2017/01/26 3:59 p.m.23 views

Double free

Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via large width and height values...

7.5CVSS7.4AI score0.04449EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2016/04/13 2:0 p.m.39 views

CVE-2014-9766

Integer overflow in the createbits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via large height and stride values...

9.8CVSS10AI score0.05573EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2014/09/16 5:28 a.m.5 views

(Plone): Partial denial of service through internal function

It was discovered that Plone, included as a part of luci, did not properly handle the processing of very large values passed to an internal utility function. A remote attacker could use a specially crafted URL that, when processed, would lead to excessive memory consumption...

5CVSS5.8AI score0.02427EPSS
Exploits0References4
Zero Day Initiative
Zero Day Initiative
added 2014/02/13 12:0 a.m.55 views

Microsoft Direct2D Graphics Component Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

5.1CVSS6.4AI score0.18885EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2011/06/28 5:27 p.m.5 views

ruby: memory corruption in BigDecimal on 64bit platforms

The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...

6.8CVSS6.8AI score0.03025EPSS
Exploits0References4
Ubuntu
Ubuntu
added 2009/04/27 9:14 p.m.60 views

USN-767-1: FreeType vulnerability

Tavis Ormandy discovered that FreeType did not correctly handle certain large values in font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges...

7.5CVSS5.9AI score0.08541EPSS
Exploits1
securityvulns
securityvulns
added 2007/03/02 12:0 a.m.42 views

DovX Web Player ActiveX DoS

Crash on large 'resize' method values...

7.8CVSS1.9AI score0.03065EPSS
Exploits1Affected Software1
OSV
OSV
added 2006/08/15 11:4 p.m.3 views

DEBIAN-CVE-2006-4144

Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via large 1 bytesperpixel, 2 columns, and 3 rows values, which trigger a heap-based buffer overflow...

2.6CVSS7.6AI score0.10831EPSS
Exploits1References1
Rows per page
Query Builder