113 matches found
CVE-2021-27431 ARM CMSIS RTOS2 Integer Overflow or Wraparound
ARM CMSIS RTOS2 versions prior to 2.1.3 are vulnerable to integer wrap-around inosRtxMemoryAlloc local malloc equivalent function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or injected code execution...
CVE-2021-45481
In WebKitGTK before 2.32.4, there is incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create, leading to a segmentation violation and application crash, a different vulnerability than CVE-2021-30889...
AUVESY Versiondog 资源管理错误漏洞
AUVESY Versiondog is an automated production data and change management software solution from AUVESY Germany. a resource management error vulnerability exists in AUVESY Versiondog, which can be exploited by attackers to allocate unlimited memory buffers using API functions...
CVE-2021-35517
When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. This could be used to mount a denial of service attack against services that use Compress' tar package...
Huawei EulerOS: Security Advisory for netpbm (EulerOS-SA-2021-2107)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.6 : netpbm (EulerOS-SA-2021-1500)
According to the versions of the netpbm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to...
CVE-2020-29370
An issue was discovered in kmemcacheallocbulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71...
CVE-2019-20925
An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13; MongoDB...
MGASA-2020-0430 Updated tcpdump package fixes a security vulnerability
The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. CVE-2020-8037...
CVE-2020-7226
CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within the header of encoded data...
Huawei EulerOS: Security Advisory for netpbm (EulerOS-SA-2019-2426)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Information disclosure
An issue was discovered in Bitdefender BOX firmware versions before 2.1.37.37-34 that affects the general reliability of the product. Specially crafted packets sent to the miniupnpd implementation in result in the device allocating memory without freeing it later. This behavior can cause the...
CVE-2019-7698
An issue was discovered in AP4Array::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls, a related issue to CVE-2018-20095...
CVE-2019-7148
An attempted excessive memory allocation was discovered in the function readlongnames in elfbegin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The maintainers...
CVE-2019-7148
An attempted excessive memory allocation was discovered in the function readlongnames in elfbegin.c in libelf in elfutils 0.174. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted elf input, which leads to an out-of-memory exception. NOTE: The maintainers...
libIEC61850 Resource Management Error Vulnerability (CNVD-2019-43852)
libIEC61850 is an open source library for IEC 61850. A security vulnerability exists in Memorymalloc and Memorycalloc in the hal/memory/libmemory.c file in libIEC61850 version 1.3.1. An attacker can exploit this vulnerability to cause a denial of service memory leak...
CVE-2018-16865
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when many entries are sent to the journal socket. A local attacker, or a remote one if systemd-journal-remote is used, may use this flaw to crash...
Bento4 Excessive Memory Allocation Vulnerability (CNVD-2019-07053)
Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. An excessive memory allocation vulnerability in the AP4DataBuffer class in Bento4 1.5.1-627 when called from AP4HvccAtom::Create in Core/Ap4HvccAtom.cpp can be exploited by an attacker to cause a denial of service...
Critical: java-1.8.0-openjdk
Issue Overview: Unbounded memory allocation during deserialization in Container AWT, 8189989 Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: AWT. Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161...
CVE-2018-10114
An issue was discovered in GEGL through 0.3.32. The geglbufferiteratereadsimple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service write access violation or possibly have unspecified other impact via a malformed PPM file, related to improper restrictions ...