14 matches found
EUVD-2012-4614
Malware in sbrugna...
EUVD-2007-6090
Malware in sbrugna...
CVE-2025-21009
Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption...
h2o -- Malformed HTTP/1.1 causes Out-of-Memory Denial of Service
Elijah Glover reports: Malformed HTTP/1.1 requests can crash worker processes. occasionally locking up child workers and causing denial of service, and an outage dropping any open connections...
PortEx - Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header,...
Nil dereference in NATS JWT causing DoS of nats-server
This advisory is canonically Problem Description The NATS account system has an Operator trusted by the servers, which signs Accounts, and each Account can then create and sign Users within their account. The Operator should be able to safely issue Accounts to other entities which it does not ful...
CVE-2019-13453
Zipios before 0.1.7 does not properly handle certain malformed zip archives and can go into an infinite loop, causing a denial of service. This is related to zipheadio.h:readUint32 and zipfile.cpp:Zipfile::Zipfile...
PortEx - Java library to analyse Portable Executable files with a special focus on malware analysis and PE malformation robustness
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header,...
MGASA-2016-0191 Updated perl packages fix security vulnerability
The regex engine got into an infinite loop because of the malformation. It is trying to back-up over a sequence of UTF-8 continuation bytes. The character just before the sequence should be a start byte. If it's not, there is a malformation which results in "hang" of regexp matching and CPU...
Updated perl packages fix security vulnerability
The regex engine got into an infinite loop because of the malformation. It is trying to back-up over a sequence of UTF-8 continuation bytes. The character just before the sequence should be a start byte. If it's not, there is a malformation which results in "hang" of regexp matching and CPU...
PE Static Malware Analysis: PortEx
PortEx is a Java library for static malware analysis of portable executable files. Its focus is on PE malformation robustness and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading Header information from: MSDOS Header, COFF File Header,...
Code injection
Invensys Wonderware HMI Reports 3.42.835.0304 and earlier, as used in Ocean Data Systems Dream Report before 4.0 and other products, allows user-assisted remote attackers to execute arbitrary code via a malformed file that triggers a "write access violation."...
CVE-2011-2665
reqrespparser.c in the SIP channel driver in Asterisk Open Source 1.8.x before 1.8.4.3 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via a SIP packet with a Contact header that lacks a less than character...
Input validation
NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to...