CVE-2016-6331

ApiParse in MediaWiki before 1.23.15, 1.26.x before 1.26.4, and 1.27.x before 1.27.1 allows remote attackers to bypass intended per-title read restrictions via a parse action to api.php...

Google gRPC heap buffer overflow vulnerability (CNVD-2017-06015)

gRPC is an open source RPC framework . A heap buffer overflow vulnerability exists in the parseunix function within Google gRPC core/ext/clientchannel/parseaddress.c, which allows remote attackers to exploit the vulnerability to submit a special request to execute arbitrary code...

PT-2017-18028 · Gnome +2 · Libcroco +2

Name of the Vulnerable Software and Affected Versions: libcroco versions 0.6.11 through 0.6.12 Description: The issue is related to an "outside the range of representable values of type long" undefined behavior in the cr tknzr parse rgb function, which could potentially allow remote attackers to...

UBUNTU-CVE-2017-7860

Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parseunix function in core/ext/clientchannel/parseaddress.c...

DEBIAN-CVE-2017-7860

Google gRPC before 2017-02-22 has an out-of-bounds write caused by a heap-based buffer overflow related to the parseunix function in core/ext/clientchannel/parseaddress.c...

PT-2017-17955 · Gnu +2 · Gnu Osip +2

Name of the Vulnerable Software and Affected Versions: GNU oSIP versions 4.1.0 through 5.0.0 Description: A malformed SIP message can cause a heap buffer overflow in the msg osip body parse function, leading to a remote denial of service. This issue is related to the osip message parse.c file in...

dlplibs: Stack-buffer-overflow in StarWriterStruct::DatabaseName::read

Detailed report: https://oss-fuzz.com/testcase?key=5177092629069824 Project: dlplibs Fuzzer: libFuzzerdlplibssdwfuzzer Fuzz target binary: sdwfuzzer Job Type: libfuzzerasandlplibs Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4 Crash Address: 0x7f3a03d7f378 Crash State:...

libplist 'parse_string_node()' function local denial of service vulnerability

libplist is a small portable C library that handles Apple Property List files in binary or XML. A denial of service vulnerability exists in libimobiledevice libplist version 1.12 in the parsestringnode function in bplist.c, which can cause a denial of service memory allocation error by a local us...

wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage

It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack...

wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage

It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation. The parsecharclass function in regparse.c in the Onigmo aka Oniguruma-mod regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service deep recursion and application...

PT-2017-16760

Name of the Vulnerable Software and Affected Versions YARA version 3.5.0 Description The issue allows remote attackers to cause a denial of service, resulting in a heap-based out-of-bounds read and application crash. This occurs when a crafted rule is mishandled in the yara yyparse function...

DoS caused by infinite recursion (stack overflow) in parse_char_class()

The parsecharclass function in regparse.c in the Onigmo aka Oniguruma-mod regular expression library, as used in Ruby 2.4.0, allows remote attackers to cause a denial of service deep recursion and application crash via a crafted regular expression...

wildfly: ParseState headerValuesCache can be exploited to fill heap with garbage

It was found that JBoss EAP 7 Header Cache was inefficient. An attacker could use this flaw to cause a denial of service attack...

DEBIAN-CVE-2016-10196

Stack-based buffer overflow in the evutilparsesockaddrport function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service segmentation fault via vectors involving a long string in brackets in the ipasstring argument...

ALPINE-CVE-2016-10195

The nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds stack read...

DEBIAN-CVE-2017-6439

Heap-based buffer overflow in the parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service out-of-bounds write via a crafted plist file...

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write. Heap-based buffer overflow in the parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service out-of-bounds write via a crafted plist file. Remediation Ther...

DEBIAN-CVE-2017-6436

The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory allocation error via a crafted plist file...

UBUNTU-CVE-2017-6435

The parsestringnode function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service memory corruption via a crafted plist file...