UBUNTU-CVE-2019-20925
An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. This issue affects MongoDB Server v4.2 versions prior to 4.2.1; MongoDB Server v4.0 versions prior to 4.0.13; MongoDB...
MongoDB Authorization Issues Vulnerability
MongoDB is a document-oriented database management system from the U.S.-based MongoDB, Inc. An authorization issue vulnerability exists in MongoDB that allows an unauthenticated client to trigger a denial of service by issuing a specially crafted wire protocol message, which could cause the...
CVE-2020-6116
An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242. When drawing the contents of a page using colors from an indexed colorspace, the application can miscalculate the size of a buffer when allocating space for its colors...
DEBIAN-CVE-2015-0283
The slapi-nis plug-in before 0.54.2 does not properly reallocate memory when processing user accounts, which allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a request for a (1) group with a large number of members or (2) user that belongs to a large number o...
CVE-2013-5595
The JavaScript engine in Mozilla Firefox before 25.0, Firefox ESR 17.x before 17.0.10 and 24.x before 24.1, Thunderbird before 24.1, Thunderbird ESR 17.x before 17.0.10, and SeaMonkey before 2.22 does not properly allocate memory for unspecified functions, which allows remote attackers to conduct...
Integer Overflow or Wraparound
Overview: Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the ordered_malloc function in boost/pool/pool.hpp. An attacker can perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be allocated...
PT-2011-4030 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.0-rc1. Description: The issue allows local users to cause a denial of service, resulting in a system crash, by arranging for all resource groups to have too little free space. This is due to the gfs2 fallocate...
enet (Silicon Valley power) misallocation caused by leakage of the file and fixes - vulnerability warning - the black bar safety net
Brief Description: The jsp server is improperly configured, the result%3f the leak file. Detail: Relates to the directory, as an example. Vulnerability to prove: Repair solutions:?. jsp to%3f. jsp URL encoding occurs, resulting in the processing of jsp requests to the file Assembly errors of judgmen...
CVE-2002-0353
CVE-2002-0353 affects Ethereal 0.9.2 and earlier, stemming from the ASN.1 parser, enabling remote denial of service via a malformed packet that triggers improper memory allocation (possibly due to zero-length fields). Public advisories reference multiple vendors (Debian, R...