Stack overflow

AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30,AR1200-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR150 with software V200R006C10,...

[SECURITY] Fedora 27 Update: botan-1.10.17-1.fc27

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

[SECURITY] Fedora 25 Update: botan-1.10.17-1.fc25

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

CVE-2015-5164

The Qpid server on Red Hat Satellite 6 does not properly restrict message types, which allows remote authenticated users with administrative access on a managed content host to execute arbitrary code via a crafted message, related to a pickle processing problem in pulp...

CVE-2017-1285

IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user with authority to send a specially crafted message that would cause a channel to remain in a running state but not process messages. IBM X-Force ID: 125146...

CVE-2017-1285

IBM WebSphere MQ 9.0.1 and 9.0.2 could allow an authenticated user with authority to send a specially crafted message that would cause a channel to remain in a running state but not process messages. IBM X-Force ID: 125146...

CVE-2017-1285

CVE-2017-1285 affects IBM MQ (WebSphere MQ) versions 9.0.1–9.0.2 and related CD/appliance lines. An authenticated user with authority to send a specially crafted message could cause a SDR/CLUSSDR channel to remain running but stop processing messages, potentially impacting availability. Remediati...

Apache Struts2 remote code execution vulnerability S2-045 technical analysis and protection solution-vulnerability warning-the black bar safety net

Apache Struts2 Jakarta Multipart parser plug-ins the presence of a remote code execution vulnerability, the vulnerability number is CNNVD-201703-152。 The attacker can use the plugin to upload a file, modify the HTTP request header Content-Type value to trigger the vulnerability leads to remote co...

[SECURITY] Fedora 24 Update: botan-1.10.14-3.fc24

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

Cisco IOS XE Software Border Gateway Protocol Message Processing DoS (cisco-sa-20160715-bgp)

The Cisco IOS XE Software running on the remote device is missing a security patch. It is, therefore, affected by a denial of service vulnerability in the Border Gateway Protocol BGP message processing functions due to improper processing of BGP attributes. An authenticated, remote attacker can...

Cisco IOS XE Software Border Gateway Protocol Message Processing Denial of Service Vulnerability

A vulnerability in Border Gateway Protocol BGP message processing functions of Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper processing of crafted BGP attributes. An attacker could exploit this...

Cisco IOS Software Border Gateway Protocol Message Processing Denial of Service Vulnerability (cisco-sa-20160715-bgp)

A vulnerability in Border Gateway Protocol BGP message processing functions of Cisco IOS Software could allow an authenticated, remote attacker to cause an affected device to reload. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and...

qemu -- denial of service vulnerability in VNC

Prasad J Pandit, Red Hat Product Security Team, reports: Qemu emulator built with the VNC display driver support is vulnerable to an arithmetic exception flaw. It occurs on the VNC server side while processing the 'SetPixelFormat' messages from a client. A privileged remote client could use this...

[BSA-103] Security Update for shibboleth-sp

Matthew Vernon uploaded new packages for shibboleth-sp which fixed the following security problems: CVE-2015-2684 A denial of service vulnerability was found in the Shibboleth a federated identity framework Service Provider. When processing certain malformed SAML messages generated by an...

Google Email Application Header Parsing Denial Of Service

A vulnerability in the Google email application has been found. The vulnerability occurs when processing a malicious email message. An attacker can remotely perform a Denial Of Service attack by sending a specially crafted email...

[SECURITY] Fedora 20 Update: botan-1.10.8-1.fc20

Botan is a BSD-licensed crypto library written in C++. It provides a wide variety of basic cryptographic algorithms, X.509 certificates and CRLs, PKCS \10 certificate requests, a filter/pipe message processing system, and a wide variety of other features, all written in portable C++. The API...

(bgpd): Assertion failure by processing BGP OPEN message with malformed ORF capability TLV (VU#962587)

The bgpcapabilityorf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service assertion failure and daemon exit by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering ORF capability TLV in an OPEN message...

D-Bus DoS

Crash on message processing...

SAP Crystal Reports 2008 integer overflow

Integer overflow on GIOP message processing...

Ipswitch IMail Server邮件列表imailsrv.exe栈溢出漏洞

BUGTRAQ ID: 41719 Ipswitch IMail Server是Ipswitch协作组件中捆绑的一个邮件服务器。 imailsrv.exe进程用于处理发送给imailsrv的消息。如果消息标题中包含有“?Q?”运算符，则该序列之后的字符串未经长度检查便被拷贝到了本地栈缓冲区，导致执行任意代码。 如果要到达这个代码路径，邮件列表必须受口令保护（需认证情况），或之前已经配置了口令（无需认证情况）。 Ipswitch IMail 11.01 厂商补丁： Ipswitch -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...