22 matches found
iputils: iputils integer overflow
An integer overflow flaw has been discovered in the ping function within the iputils package. This overflow may allow an attacker to craft an ECHO reply which can prevent iputils from operating normally...
EUVD-2005-4148
Malware in sbrugna...
CVE-2020-27793
An off-by-one overflow flaw was found in radare2 due to mismatched array length in corejava.c. This could allow an attacker to cause a crash, and perform a denial of service attack...
RHEL 7 : lua (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - lua: overflow flaw in vararg functions CVE-2014-5461 Note that Nessus has not tested for this issue but has instead...
frr: Flowspec overflow in bgpd/bgp_flowspec.c
A flaw was found in bgpd/bgp_flowspec.c in the FRRouting BGP protocol code. An overflow may occur while processing zero length NLRI messages...
CVE-2023-48235
A flaw was found in Vim, an open source command line text editor. When parsing relative ex addresses, one may unintentionally cause an overflow. Ironically, this happens in the existing overflow check because the line number becomes negative and LONG_MAX - lnum will cause the overflow. The impact i...
SUSE CVE-2007-2788
Integer overflow in the embedded ICC profile image parser in Sun Java Development Kit JDK before 1.5.011-b03 and 1.6.x before 1.6.001-b06, and Sun Java Runtime Environment in JDK and JRE 6, JDK and JRE 5.0 Update 10 and earlier, SDK and JRE 1.4.214 and earlier, and SDK and JRE 1.3.120 and earlier...
Denial Of Service (DoS)
radare2 is vulnerable to denial of service. The vulnerability exists due to an off-by-one overflow flaw caused by mismatched array length in corejava.c which allows an attacker to crash the application via malicious input...
golang: crypto/elliptic: panic caused by oversized scalar
An integer overflow flaw was found in Golang's crypto/elliptic library. This flaw allows an attacker to use a crafted scalar input longer than 32 bytes, causing P256.ScalarMult or P256.ScalarBaseMult to panic, leading to a loss of availability...
JavaSwapTest Number Error Vulnerability
JavaSwapTest JST is an Ethereum-based digital currency. An integer overflow vulnerability exists in the 'mintToken' function of JST's smart contract implementation. A remote attacker could exploit this vulnerability to set a user's balance to an arbitrary value...
FreeRADIUS 'rad_coalesce()' Write Overflow Vulnerability
FreeRADIUS is a set of software that implements the RADIUS protocol from the FreeRADIUS Server project. The software is mainly used for account authentication management, bookkeeping management and Internet account management, etc. and contains a Radius server, a client library for BSD protocol...
OpenJDK: java.nio Buffers integer overflow issues (Libraries, 8130891)
Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60, and Java SE Embedded 8u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...
Mandrake Linux Security Advisory : netscape (MDKSA-2000:027-1)
Previous versions of Netscape, from version 3.0 to 4.73 contain a serious overflow flaw due to improper input verification in Netscape's JPEG processing code. The way Netscape processed JPEG comments trusted the length parameter for comment fields. By manipulating this value, it was possible to...
Mozilla: SVG buffer overflow and use-after-free issues (MFSA 2012-63)
Use-after-free vulnerability in the nsTArray_base::Length function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a denial of service...
Scientific Linux Security Update : krb5 on SL3.x i386/x86_64
David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who can access kadmind could trigger this flaw and cause kadmind to crash or potentially execute arbitrary code as root. CVE-2007-2442 David Coffey also discovered an...
RedHat Update for openoffice.org RHSA-2010:0643-01
Check for the Version of openoffice.org OpenVAS Vulnerability Test RedHat Update for openoffice.org RHSA-2010:0643-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...
Moderate: Red Hat Security Advisory: vim security update
Updated vim packages that fix various security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Vim Visual editor IMproved is an updated and improved version of the vi editor. Severa...
Mandrake Linux Security Advisory : krb5 (MDKSA-2007:137)
David Coffey discovered an uninitialized pointer free flaw in the RPC library used by kadmind. A remote unauthenticated attacker who could access kadmind could trigger the flaw causing kadmind to crash or possibly execute arbitrary code CVE-2007-2442. David Coffey also discovered an overflow flaw...
RHEL 2.1 / 3 : krb5 (RHSA-2007:0384)
Updated krb5 packages that fix several security flaws are now available for Red Hat Enterprise Linux 2.1 and 3. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to...
Mandrake Linux Security Advisory : zlib (MDKSA-2005:124)
A previous zlib update MDKSA-2005:112; CVE-2005-2096 fixed an overflow flaw in the zlib program. While that update did indeed fix the reported overflow issue, Markus Oberhumber discovered additional ways that a specially crafted compressed stream could trigger an overflow. An attacker could creat...