857 matches found
CVE-2022-3437
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...
CVE-2022-3437
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...
CVE-2023-22551
The FTP aka "Implementation of a simple FTP client and server" project through 96c1a35 allows remote attackers to cause a denial of service memory consumption by engaging in client activity, such as establishing and then terminating a connection. This occurs because malloc is used but free is not...
CVE-2023-22551
CVE-2023-22551 affects the FTP project ("Implementation of a simple FTP client and server") up to commit 96c1a35. The issue is a memory-DoS caused by using malloc without a corresponding free during client activity (e.g., establishing and terminating a connection). Impact is denial of service thr...
AddressSanitizer: heap-buffer-overflow in alloc.c 246:11
Description ================================================================= ==19339==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x606000001015 at pc 0x0000004872d8 bp 0x7ffdef721150 sp 0x7ffdef720910 WRITE of size 2 at 0x606000001015 thread T0 Detaching after fork from child proce...
Buffer Overflow
samba is vulnerable to buffer overflow. The vulnerability exists within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal because GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a maliciously small packet causing an application cras...
EulerOS 2.0 SP5 : libtar (EulerOS-SA-2022-2713)
According to the versions of the libtar package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable...
CVE-2022-3437
A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrapdes and unwrapdes3 routines of Heimdal. The DES and Triple-DES decryption routines in the Heimdal GSSAPI library allow a length-limited write buffer overflow on malloc allocated memory when presented with a...
ROS-20221025-01
A vulnerability in the specialized shapelib library is related to a double memory release in the contrib/shpsort.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service or other unspecified impact by controlling malloc...
Heimdal GSSAPI 安全漏洞
Heimdal GSSAPI is the General Security Service Application Program Interface for Heimdal Individual Developers. A security vulnerability exists in Heimdal GSSAPI that stems from a possible buffer overflow on malloc allocated memory by the DES and 3-DES decoding methods...
AZL-28599 CVE-2022-0699 affecting package shapelib for versions less than 1.5.0-3
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc...
CVE-2022-0699
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc...
DEBIAN-CVE-2022-0699
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc...
CVE-2022-0699
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc...
Double free
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc...
CVE-2022-0699
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc...
CVE-2022-0699
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc...
CVE-2022-0699
A double-free condition exists in contrib/shpsort.c of shapelib 1.5.0 and older releases. This issue may allow an attacker to cause a denial of service or have other unspecified impact via control over malloc...
CVE-2022-0699
The CVE-2022-0699 issue affects shapelib (library for ESRI Shapefiles) up to and including version 1.5.0. A double-free in contrib/shpsort.c can lead to denial of service or other unspecified impact via controlled malloc. Multiple connected advisories confirm fixes or mitigations in various distr...
EulerOS 2.0 SP9 : curl (EulerOS-SA-2022-2310)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate chain.Due to an...