841 matches found
UBUNTU-CVE-2018-20622
JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used...
PT-2018-3487 · Jasper +2 · Jasper +2
Name of the Vulnerable Software and Affected Versions: JasPer version 2.0.14. Description: The issue is related to a memory leak in the base/jas_malloc.c file of the libjasper.a library. This memory leak occurs when the "--output-format jp2" option is used. The exploitation of this issue may allow...
Design/Logic Flaw
Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c...
DEBIAN-CVE-2018-19213
Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c...
UBUNTU-CVE-2018-19213
Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c...
CVE-2018-18650
An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...
Integer overflow
An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as demonstrated by pdftohtml. This is mainly caused by the program attempting a malloc operation for a large amount of...
UBUNTU-CVE-2018-18483
The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by...
CVE-2018-17332
An issue was discovered in libsvg2 through 2012-10-19. The svgGetNextPathField function in svg_string.c returns its input pointer in certain circumstances, which might result in a memory leak caused by wasteful malloc calls...
CVE-2017-2575
A vulnerability was found while fuzzing libbpg 0.9.7. It is a NULL pointer dereference issue due to missing check of the return value of function malloc in the BPG encoder. This vulnerability appeared while converting a malicious JPEG file to BPG...
CVE-2017-2575
CVE-2017-2575 affects the libbpg 0.9.7 BPG encoder. The issue is a NULL pointer dereference caused by a missing check of the return value from malloc during conversion of a malicious JPEG file to BPG. This is a code-path vulnerability in the encoder that can lead to a crash when parsing crafted i...
Google gperftools memory leak vulnerability
Google gperftools is an implementation of malloc that includes performance analysis tools such as heap checker, heap analyzer and CPU analyzer. A memory disclosure vulnerability exists in the malloc_extension.cc file in Google gperftools version 2.7. An attacker could exploit this vulnerability to...
AZL-6453 CVE-2018-13420 affecting package gperftools for versions less than 2.7-4
Google gperftools 2.7 has a memory leak in malloc_extension.cc, related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false-positive report from the LeakSanitizer program...
DEBIAN-CVE-2018-13420
Google gperftools 2.7 has a memory leak in malloc_extension.cc, related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false-positive report from the LeakSanitizer program...
CVE-2018-13420
Google gperftools 2.7 has a memory leak in malloc_extension.cc, related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false-positive report from the LeakSanitizer program...
PT-2018-11815 · Google +2 · Gperftools +2
Name of the Vulnerable Software and Affected Versions: Google gperftools version 2.7. Description: The issue is related to a memory leak in malloc_extension.cc, specifically involving MallocExtension::Register and InitModule. However, the software maintainer disputes this, stating it is a...
Sony Playstation 4 (PS4) 5.1 - Kernel (PoC)
Sony Playstation 4 PS4 5.1 - Kernel PoC log"--- trying kernel exploit --"; function mallocsz var backing = new Uint8Array0x10000+sz; window.nogc.pushbacking; var ptr = p.read8p.leakvalbacking.add320x10; ptr.backing = backing; return ptr; function malloc32sz var backing = new Uint8Array0x10000+sz4...
Heap Viewer - An IDA Pro Plugin To Examine The Glibc Heap, Focused On Exploit Development
An IDA Pro plugin for now to examine the heap, focused on exploit development. Currently only supports glibc malloc ptmalloc2. Requirements IDA Pro = 6.9 Tested on glibc = 2.26 GraphView for linked lists bins/tcache Magic utils: Unlink merge info Fake fastbin finder House of force helper Useful...
CVE-2018-10538
An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy...