UBUNTU-CVE-2017-6309

An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parsefile function. These might lead to invalid read and write operations, controlled by an attacker...

CVE-2017-6309

An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parsefile function. These might lead to invalid read and write operations, controlled by an attacker...

tnef 'parse_file()' function denial of service vulnerability

tnef is a set of programs for decompressing MIME attachments. A security vulnerability in the tnef 'parsefile' function allows an attacker to exploit the vulnerability to submit a special file for a denial-of-service attack that could crash the application...

UBUNTU-CVE-2016-9831

Heap-based buffer overflow in the parseSWFRGBA function in parser.c in the listswf tool in libming 0.4.7 allows remote attackers to have unspecified impact via a crafted SWF file...

PHP integer overflow vulnerability (CNVD-2017-01946)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. An...

PHP buffer overflow vulnerability (CNVD-2017-01945)

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...

UBUNTU-CVE-2015-8979

Stack-based buffer overflow in the parsePresentationContext function in storescp in DICOM dcmtk-3.6.0 and earlier allows remote attackers to cause a denial of service segmentation fault via a long string sent to TCP port 4242...

GStreamer gst_avi_demux_parse_ncdt function denial of service vulnerability

GStreamer is an open source multimedia framework. GStreamer has a security vulnerability in the gst-plugins-good/gst/avi/gstavidemux.c/gstavidemuxparsencdt function, which causes a denial of service for remote attackers...

DEBIAN-CVE-2017-5840

The qtdemuxparsesamples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via vectors involving the current stts index...

ALPINE-CVE-2017-5840

The qtdemuxparsesamples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via vectors involving the current stts index...

UBUNTU-CVE-2017-5840

The qtdemuxparsesamples function in gst/isomp4/qtdemux.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service out-of-bounds heap read via vectors involving the current stts index...

ALPINE-CVE-2017-5483

The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1parse...

DEBIAN-CVE-2017-5483

The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1parse...

UBUNTU-CVE-2016-7929

The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniperparseheader...

UBUNTU-CVE-2017-5483

The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1parse...

UBUNTU-CVE-2015-8858

The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a "regular expression denial of service ReDoS."...

DEBIAN-CVE-2015-8858

The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a "regular expression denial of service ReDoS."...

CVE-2015-8858

The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a "regular expression denial of service ReDoS."...

CVE-2015-8858

The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a "regular expression denial of service ReDoS."...

libass: Attempting free in parse_events

Project: https://github.com/libass/libass.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5420800962199552 Project: libass Fuzzer: libFuzzerlibassfuzzer Fuzz target binary: libassfuzzer Job Type: libfuzzerasanlibass Platform Id: linux Crash Type: Attempting free Crash...