CVE-2023-24329

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters...

UBUNTU-CVE-2023-24329

An issue in the urllib.parse component of Python before 3.11.4 allows attackers to bypass blocklisting methods by supplying a URL that starts with blank characters...

SUSE CVE-2004-1267

Buffer overflow in the ParseCommand function in hpgl-input.c in the hpgltops program for CUPS 1.1.22 allows remote attackers to execute arbitrary code via a crafted HPGL file...

SUSE CVE-2006-1516

The checkconnection function in sqlparse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read...

SUSE CVE-2006-3746

Integer overflow in parsecomment in GnuPG gpg 1.4.4 allows remote attackers to cause a denial of service segmentation fault via a crafted message...

SUSE CVE-2007-1218

Off-by-one buffer overflow in the parseelements function in the 802.11 printer code print-80211.c for tcpdump 3.9.5 and earlier allows remote attackers to cause a denial of service crash via a crafted 802.11 frame. NOTE: this was originally referred to as heap-based, but it might be stack-based...

SUSE CVE-2007-3294

Multiple buffer overflows in libtidy, as used in the Tidy extension for PHP 5.2.3 and possibly other products, allow context-dependent attackers to execute arbitrary code via 1 a long second argument to the tidyparsestring function or 2 an unspecified vector to the tidyrepairstring function. NOTE...

SUSE CVE-2007-3410

Stack-based buffer overflow in the SmilTimeValue::parseWallClockValue function in smlprstime.cpp in RealNetworks RealPlayer 10, 10.1, and possibly 10.5, RealOne Player, RealPlayer Enterprise, and Helix Player 10.5-GOLD and 10.0.5 through 10.0.8, allows remote attackers to execute arbitrary code v...

SUSE CVE-2008-1881

Stack-based buffer overflow in the ParseSSA function modules/demux/subtitle.c in VLC 0.8.6e allows remote attackers to execute arbitrary code via a long subtitle in an SSA file. NOTE: this issue is due to an incomplete fix for CVE-2007-6681...

SUSE CVE-2008-4298

Memory leak in the httprequestparse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service memory consumption via a large number of requests with duplicate request headers...

SUSE CVE-2008-5247

The realparseaudiospecificdata function in demuxreal.c in xine-lib 1.1.12, and other 1.1.15 and earlier versions, uses an untrusted height aka codecdatalength value as a divisor, which allow remote attackers to cause a denial of service divide-by-zero error and crash via a zero value...

SUSE CVE-2009-0387

Array index error in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted Sync Sample aka stss atom da...

SUSE CVE-2009-0397

Heap-based buffer overflow in the qtdemuxparsesamples function in gst/qtdemux/qtdemux.c in GStreamer Good Plug-ins aka gst-plugins-good 0.10.9 through 0.10.11, and GStreamer Plug-ins aka gstreamer-plugins 0.8.5, might allow remote attackers to execute arbitrary code via crafted Time-to-sample aka...

SUSE CVE-2009-2446

Multiple format string vulnerabilities in the dispatchcommand function in libmysqld/sqlparse.cc in mysqld in MySQL 4.0.0 through 5.0.83 allow remote authenticated users to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in a database...

SUSE CVE-2009-5155

In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows attackers to cause a denial of service assertion failure and application exit or trigger an incorrect result by attempting a regular-expression match...

SUSE CVE-2010-1853

Multiple stack-based buffer overflows in the trmagnetParse function in libtransmission/magnet.c in Transmission 1.91 allow remote attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted magnet URL with a large number of 1 tr or 2 ws links...

SUSE CVE-2010-2806

Array index error in the t42parsesfnts function in type42/t42parse.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via negative size values for certain strings in FontType42 font files, leading to a heap-based...

SUSE CVE-2010-3069

Stack-based buffer overflow in the 1 sidparse and 2 domsidparse functions in Samba before 3.5.5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted Windows Security ID SID on a file share...

SUSE CVE-2010-4341

The pamparseindatav2 function in src/responder/pam/pamsrvcmd.c in the PAM responder in SSSD 1.5.0, 1.4.x, and 1.3 allows local users to cause a denial of service infinite loop, crash, and login prevention via a crafted packet...

SUSE CVE-2011-1006

Heap-based buffer overflow in the parsecgroupspec function in tools/tools-common.c in the Control Group Configuration Library aka libcgroup or libcg before 0.37.1 allows local users to gain privileges via a crafted controller list on the command line of an application. NOTE: it is not clear wheth...