12 matches found
📄 macOS 10.13.4 Heap Overflow
Proof of concept exploit for an old macOS version 10.13.4 heap overflow vulnerability. A kernel heap overflow exists in fgetattrlist due to missing lower-bound buffer size validation when writing returned attributes to caller-supplied memory. When triggered it causes a kernel panic...
Denial Of Service (DoS)
github.com/pion/interceptor is vulnerable to Denial of Service DoS. The vulnerability is due to improper input validation in the RTP packet factory that fails to correctly validate padding length, allowing crafted RTP packets to trigger a panic in Pion-based SFUs...
CVE-2025-49140 Pion Interceptor's improper RTP padding handling allows remote crash for SFU users (DoS)
Pion Interceptor is a framework for building RTP/RTCP communication software. Versions v0.1.36 through v0.1.38 contain a bug in a RTP packet factory that can be exploited to trigger a panic with Pion based SFU via crafted RTP packets, This only affect users that use pion/interceptor. Users should...
CVE-2023-3036
An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packe...
Duplicate Advisory: ring has some AES functions that may panic when overflow checking is enabled in
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-4p46-pwfr-66x6. This link is maintained to preserve external references. Original Description A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC...
CVE-2025-4432
A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 232 packets sent or received...
PT-2025-20574
Name of the Vulnerable Software and Affected Versions Rust's Ring package affected versions not specified Debian Linux affected versions not specified Description A flaw in Rust's Ring package can trigger a panic when overflow checking is enabled. This issue can be exploited in the QUIC protocol ...
CVE-2023-3036 Out of Bounds Slice index in cfnts leads to remote panic
An unchecked read in NTP server in github.com/cloudflare/cfnts prior to commit 783490b https://github.com/cloudflare/cfnts/commit/783490b913f05e508a492cd7b02e3c4ec2297b71 enabled a remote attacker to trigger a panic by sending an NTSAuthenticator packet with extension length longer than the packe...
SUSE CVE-2022-1962
Uncontrolled recursion in the Parse functions in go/parser before Go 1.17.12 and Go 1.18.4 allow an attacker to cause a panic due to stack exhaustion via deeply nested types or declarations...
dhowden tag panic due to out-of-bounds read
Due to improper bounds checking, a number of methods in dhowden tag before 0.0.0-20201120070457-d52dcb253c63 can trigger a panic via readAPICFrame due to attempted out-of-bounds reads. If the package is used to parse user supplied input, this may be used as a vector for a denial of service attack...
kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call
A flaw was found in the PowerPc platform, where the kernel will panic if the transactional memory is disabled. An attacker could use this flaw to panic the system by constructing a signal context through the transactional memory MSR bits set...
Apple Mac OSX 10.10 - BlueTooth TransferACLPacketToHW Crash (PoC)
Apple Mac OSX 10.10 - BlueTooth TransferACLPacketToHW Crash PoC / crash-issue3.c: Written for Mac OS X Yosemite 10.10 by @rpaleari and @joystick. Exploits a missing check in IOBluetoothHCIController::TransferACLPacketToHW to trigger a panic. gcc -Wall -o crash-issue3,.c -framework IOKit / include...