6693 matches found
Updated acpica-tools packages fix security vulnerabilities
acpi operand cache leak in dsutils.c CVE-2017-13693. acpi parse and parseext cache leaks CVE-2017-13694. acpi operand cache leak in nseval.c CVE-2017-13695...
Apple iOS v11.2.6 - Camera App QR Spoofing Vulnerability
Document Title: =============== Apple iOS v11.2.6 - Camera App QR Spoofing Vulnerability References: =========== https://www.vulnerability-lab.com/getcontent.php?id=2124 Video: https://www.youtube.com/watch?v=WrgUo4hWyO8 Release Date: ============= 2018-03-28 Vulnerability Laboratory ID VL-ID:...
Netwide Assembler Buffer Out-of-Bounds Read Vulnerability
Netwide Assembler NASM is a Linux-based assembler that creates binaries and writes bootloaders. A buffer out-of-bounds read vulnerability exists in the 'parseline' function of the asm/parser.c file in NASM version 2.13.02rc2, for which there is currently no detailed vulnerability description...
DEBIAN-CVE-2018-8883
Netwide Assembler NASM 2.13.02rc2 has a buffer over-read in the parseline function in asm/parser.c via uncontrolled access to nasmregflags...
CVE-2018-8883
Netwide Assembler NASM 2.13.02rc2 has a buffer over-read in the parseline function in asm/parser.c via uncontrolled access to nasmregflags...
UBUNTU-CVE-2018-8883
Netwide Assembler NASM 2.13.02rc2 has a buffer over-read in the parseline function in asm/parser.c via uncontrolled access to nasmregflags...
Code injection
Netwide Assembler NASM 2.13.02rc2 has a buffer over-read in the parseline function in asm/parser.c via uncontrolled access to nasmregflags...
UBUNTU-CVE-2018-8002
In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file...
Design/Logic Flaw
Huawei DP300 V500R002C00 have a DoS vulnerability due to the lack of validation when the malloc is called. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks...
CVE-2017-17148
Huawei DP300 V500R002C00 have a DoS vulnerability due to the lack of validation when the malloc is called. An authenticated local attacker can craft specific XML files to the affected products and parse this file, which result in DoS attacks...
Memory exhaustion vulnerability in libming 'parseSWF_ACTIONRECORD' function
libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. A memory exhaustion vulnerability exists in the 'parseSWFACTIONRECORD' function in the util/parser.c file in libming version 0.4.8. A remote...
DEBIAN-CVE-2018-7726
An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the zzipparserootdirectory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...
UBUNTU-CVE-2018-7726
An issue was discovered in ZZIPlib 0.13.68. There is a bus error caused by the zzipparserootdirectory function of zip.c. Attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...
Quagga BGP backend program bgp_packet.c:bgp_capability_msg_parse denial of service vulnerability
Quagga is an open source routing software. Quagga BGP backend program bgppacket.c:bgpcapabilitymsgparse handles BGP OPEN messages with a security vulnerability that allows remote attackers to exploit the vulnerability by submitting a special request for a denial of service attack...
VulnCheck KEV: CVE-2014-7187
Off-by-one error in the readtokenword function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via deeply nested for loops, aka the "wordlineno" issue...
GNU Binutils Binary File Descriptor Library Denial of Service Vulnerability (CNVD-2018-05202)
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...
UBUNTU-CVE-2018-7568
The parsedie function in dwarf1.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service integer overflow and application crash via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm...
FreeXL heap buffer out-of-bounds read vulnerability (CNVD-2018-05153)
FreeXL is an open source library for extracting valid data from Excel .xls spreadsheets developed by software developer Alessandro Furieri. A heap buffer out-of-bounds read vulnerability exists in the 'parseSST' function in versions of FreeXL prior to 1.0.5. An attacker can exploit this...
DEBIAN-CVE-2018-7437
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parseSST function...
UBUNTU-CVE-2018-7438
An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parseunicodestring function...