131 matches found

CNNVD
added 2022/05/06 12:00 a.m. · 3 views

ECDSA Util data forgery vulnerability

ECDSA Util is a collection of applets for ECDSA. A security vulnerability exists in ECDSA Util versions prior to 0.4.1, which stems from ecdsa_verify_prepare_legacy not checking that the signature values r and s are non-zero...

CVSS 10 · AI score 8 · EPSS 0.01038
Exploits 0 · References 13
OSV
added 2022/01/24 2:15 a.m. · 1 view

DEBIAN-CVE-2022-23852

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8 · AI score 7.4 · EPSS 0.04525
Exploits 0 · References 1
OSV
added 2022/01/24 2:15 a.m. · 2 views

UBUNTU-CVE-2022-23852

Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES...

CVSS 9.8 · AI score 6.9 · EPSS 0.04525
Exploits 0 · References 4
PyPA
added 2021/06/02 4:15 p.m. · 5 views

PYSEC-2021-92

An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load...

CVSS 7.5 · AI score 7 · EPSS 0.02453
Exploits 0 · References 4 · Affected Software 1
OSV
added 2021/05/10 12:00 a.m. · 2 views

UBUNTU-CVE-2021-28676

An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block advance was non-zero, potentially leading to an infinite loop on load...

CVSS 7.5 · AI score 6.8 · EPSS 0.02453
Exploits 0 · References 5
Microsoft CVE
added 2020/08/18 12:00 a.m. · 4 views

CVE-2017-18207

...

CVSS 6.5 · AI score 6.7 · EPSS 0.01348
Exploits 0
RedHat Linux
added 2019/07/30 9:16 a.m. · 3 views

kernel: dereferencing NULL payload with nonzero length

A flaw was found in the implementation of associative arrays where the add_key system call and KEYCTL_UPDATE operations allowed for a NULL payload with a nonzero length. When accessing the payload within this length parameter's value, an unprivileged user could trivially cause a NULL pointer...

CVSS 5.5 · AI score 6.6 · EPSS 0.00452
Exploits 0 · References 4
RedHat Linux
added 2018/04/10 3:23 p.m. · 3 views

kernel: dereferencing NULL payload with nonzero length

A flaw was found in the implementation of associative arrays where the add_key system call and KEYCTL_UPDATE operations allowed for a NULL payload with a nonzero length. When accessing the payload within this length parameter's value, an unprivileged user could trivially cause a NULL pointer...

CVSS 5.5 · AI score 6.6 · EPSS 0.00452
Exploits 0 · References 4
OSV
added 2018/04/04 7:29 a.m. · 2 views

DEBIAN-CVE-2018-9263

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length...

CVSS 7.5 · AI score 8.7 · EPSS 0.02568
Exploits 1 · References 1
OSV
added 2018/04/04 7:29 a.m. · 2 views

ALPINE-CVE-2018-9263

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length...

CVSS 7.5 · AI score 6.8 · EPSS 0.02568
Exploits 1 · References 1
OSV
added 2018/04/04 7:29 a.m. · 3 views

UBUNTU-CVE-2018-9257

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...

CVSS 7.5 · AI score 6.7 · EPSS 0.01858
Exploits 1 · References 5
OSV
added 2018/04/04 7:29 a.m. · 3 views

UBUNTU-CVE-2018-9263

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length...

CVSS 7.5 · AI score 6.7 · EPSS 0.02568
Exploits 1 · References 5
OSV
added 2018/04/04 7:29 a.m. · 3 views

ALPINE-CVE-2018-9257

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-cql.c by checking for a nonzero number of columns...

CVSS 7.5 · AI score 6.8 · EPSS 0.01858
Exploits 1 · References 1
OSV
added 2018/03/15 7:29 p.m. · 1 view

DEBIAN-CVE-2017-18235

An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBPSupport.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted .webp file...

CVSS 5.5 · AI score 6 · EPSS 0.01086
Exploits 1 · References 1
Positive Technologies
added 2018/03/01 12:00 a.m. · 5 views

PT-2018-6736 · Python +2

Name of the Vulnerable Software and Affected Versions: Python versions through 3.6.4

Description: The issue concerns the Wave_read._read_fmt_chunk function in Lib/wave.py, which does not ensure a nonzero channel value. This allows attackers to cause a denial of service via a crafted wav format...

CVSS 10 · AI score 6.3 · EPSS 0.95707
Exploits 100 · References 709
Tenable Nessus
added 2017/10/25 12:00 a.m. · 40 views

Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-096)

According to the version of the parallels-server-bm-release / vzkernel / etc packages installed, the Virtuozzo installation on the remote host is affected by the following vulnerability: A flaw was found in the implementation of associative arrays where the add_key system call and KEYCTL_UPDATE...

CVSS 5.5 · AI score 6.2 · EPSS 0.00452
Exploits 0 · References 2
OSV
added 2017/10/11 12:00 a.m. · 2 views

UBUNTU-CVE-2017-15274

security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) via a crafted add_key or keyctl system call, a different...

CVSS 5.5 · AI score 6.5 · EPSS 0.00452
Exploits 0 · References 9
OSV
added 2017/05/22 12:00 a.m. · 3 views

UBUNTU-CVE-2017-9146

The TNEFFillMapi function in lib/ytnef.c in libytnef in ytnef through 1.9.2 does not ensure a nonzero count value before a certain memory allocation, which allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impa...

CVSS 8.8 · AI score 7.6 · EPSS 0.02393
Exploits 1 · References 3
OSV
added 2017/04/12 11:59 p.m. · 2 views

UBUNTU-CVE-2017-7700

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size...

CVSS 6.5 · AI score 6.9 · EPSS 0.021
Exploits 0 · References 5
OSV
added 2017/04/12 11:59 p.m. · 1 view

DEBIAN-CVE-2017-7700

In Wireshark 2.2.0 to 2.2.5 and 2.0.0 to 2.0.11, the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by ensuring a nonzero record size...

CVSS 6.5 · AI score 8.2 · EPSS 0.021
Exploits 0 · References 1