36 matches found
SUSE CVE-2013-4332
Multiple integer overflows in malloc/malloc.c in the GNU C Library aka glibc or libc6 2.18 and earlier allow context-dependent attackers to cause a denial of service heap corruption via a large value to the 1 pvalloc, 2 valloc, 3 posixmemalign, 4 memalign, or 5 alignedalloc functions...
GHSA-2MCJ-3R3R-V5WM phpMyAdmin DoS Vulnerability
An issue was discovered in phpMyAdmin. An authorized user can cause a denial-of-service DoS attack on a server by passing large values to a loop. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...
Mageia: Security Advisory (MGASA-2015-0485)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Texas Instruments TI-RTOS-MCU 输入验证错误漏洞
The Texas Instruments TI-RTOS-MCU is an application system from Texas Instruments, Inc. A real-time operating system RTOS for microcontrollers MCUs. Texas Instrument TI-RTOS suffers from an input validation error vulnerability that stems from the fact that when configured to use the HeapMem heap...
Texas Instruments TI-RTOS-MCU 输入验证错误漏洞
The Texas Instruments TI-RTOS-MCU is an application system from Texas Instruments, Inc. A real-time operating system RTOS for microcontrollers MCUs. Texas Instrument TI-RTOS has an input validation error vulnerability that originates from returning a valid pointer to a small buffer on a very larg...
UBUNTU-CVE-2020-36242
In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...
PYSEC-2021-63
In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class...
Denial of Service in memjs
Versions of memjs prior to 1.2.2 are vulnerable to Denial of Service DoS. The package fails to sanitize the value option passed to the Buffer constructor, which may allow attackers to pass large values exhausting system resources. Recommendation Upgrade to version 1.2.2 or later...
Double free
Double free vulnerability in the gdImageWebPtr function in the GD Graphics Library aka libgd before 2.2.4 allows remote attackers to have unspecified impact via large width and height values...
CVE-2014-9766
Integer overflow in the createbits function in pixman-bits-image.c in Pixman before 0.32.6 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via large height and stride values...
(Plone): Partial denial of service through internal function
It was discovered that Plone, included as a part of luci, did not properly handle the processing of very large values passed to an internal utility function. A remote attacker could use a specially crafted URL that, when processed, would lead to excessive memory consumption...
Microsoft Direct2D Graphics Component Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
ruby: memory corruption in BigDecimal on 64bit platforms
The VpMemAlloc function in bigdecimal.c in the BigDecimal class in Ruby 1.9.2-p136 and earlier, as used on Apple Mac OS X before 10.6.7 and other platforms, does not properly allocate memory, which allows context-dependent attackers to execute arbitrary code or cause a denial of service applicati...
USN-767-1: FreeType vulnerability
Tavis Ormandy discovered that FreeType did not correctly handle certain large values in font files. If a user were tricked into using a specially crafted font file, a remote attacker could execute arbitrary code with user privileges...
DovX Web Player ActiveX DoS
Crash on large 'resize' method values...
DEBIAN-CVE-2006-4144
Integer overflow in the ReadSGIImage function in sgi.c in ImageMagick before 6.2.9 allows user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via large 1 bytesperpixel, 2 columns, and 3 rows values, which trigger a heap-based buffer overflow...