UBUNTU-CVE-2016-6835

The vmxnettxpktparseheaders function in hw/net/vmxnettxpkt.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service buffer over-read by leveraging failure to check IP header length...

collectd 'parse_packet()' function heap buffer overflow vulnerability

collectd is a daemon process used to collect system performance and provide a mechanism for storing different values in various storage methods. The collectd 'parsepacket' function is vulnerable to a heap buffer overflow vulnerability due to the program incorrectly handling incoming network...

The vulnerability of the libxml2 library allows attackers to obtain confidential information, cause service failures, or exert other types of damage.

The vulnerability of the htmlParseComment function in the libxml2 library is caused by buffer overflow. Exploiting this vulnerability could allow an attacker to obtain confidential information, cause service failure termination of the application, or have other effects through an unclosed HTML...

The vulnerability of the libtorrent library, which allows a hacker to trigger a service failure

The vulnerability of the parsechunkheader function in the libtorrent library exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to cause a service failure abrupt termination of operations through a specially crafte...

CVE-2016-3755

decoder/ih264dparsepslice.c in mediaserver in Android 6.x before 2016-07-01 does not properly select concealment frames, which allows remote attackers to cause a denial of service device hang or reboot via a crafted media file, aka internal bug 28470138...

DEBIAN-CVE-2016-5301

The parsechunkheader function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service crash via a crafted 1 HTTP response or possibly a 2 UPnP broadcast...

UBUNTU-CVE-2016-5301

The parsechunkheader function in libtorrent before 1.1.1 allows remote attackers to cause a denial of service crash via a crafted 1 HTTP response or possibly a 2 UPnP broadcast...

DEBIAN-CVE-2016-4579

Libksba before 1.3.4 allows remote attackers to cause a denial of service out-of-bounds read and crash via unspecified vectors, related to the "returned length of the object from ksbaberparsetl."...

DEBIAN-CVE-2016-4447

The xmlParseElementDecl function in parser.c in libxml2 before 2.9.4 allows context-dependent attackers to cause a denial of service heap-based buffer underread and application crash via a crafted file, involving xmlParseName...

PT-2016-7130 · Qemu Team +3 · Qemu +3

Name of the Vulnerable Software and Affected Versions: QEMU aka Quick Emulator affected versions not specified Description: The issue allows local guest OS administrators to cause a denial of service by leveraging failure to check IP header length in the vmxnet tx pkt parse headers function...

CVE-2016-4539

The xmlparseintostruct function in ext/xml/xml.c in PHP before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote attackers to cause a denial of service buffer under-read and segmentation fault or possibly have unspecified other impact via crafted XML data in the second argument,...

expat: arbitrary code execution

CVE-2015-1283 arbitrary code execution Multiple integer overflows in the XMLGetBuffer function allow remote attackers to cause a denial of service heap-based buffer overflow or possibly arbitrary code execution via crafted XML data. This problem has already been fixed in version 2.1.0-1 but this...

OracleVM 3.3 / 3.4 : openssl (OVMSA-2016-0049) (SLOTH)

The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108...

Windows Kernel Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links. An attacker who successfully exploited this vulnerability could potentially access privileged registry keys and thereby elevate permissions. An...

Linux kernel denial of service vulnerability (CNVD-2016-02592)

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the United States. A denial of service vulnerability exists in the imspcuparsecdcdata function in the drivers/input/misc/ims-pcu.c file in Linux kernel version 3.10, which can be exploited by a...

The vulnerability of the PHP interpreter allows attackers to obtain confidential information or cause service failures.

The vulnerability of the pharparsezipfile function in zip.c of the PHP PHAR interpreter is caused by buffer overflow. Exploiting this vulnerability can allow an attacker to obtain confidential information or cause a service failure such as out-of-memory reading or application termination by placi...

HackerOne: Previous attachments can be referenced when creating a new report

Hello When user upload file in comment to report, user can find file ID by two ways: 1. In preview mode - In response to POST method https://hackerone.com/attachments , answer will be something like this: -"id":84577,"name":"mytestfile.png","size":32397 where fileID = 84577 for example 2. If user...

The vulnerability of the Android operating system, which allows a hacker to execute arbitrary code or cause a service failure

The vulnerability of the Android operating system’s mediaserver component is due to buffer overflow. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure memory corruption by using a specially crafted media file associated with...

PHP PHAR extension 'phar_parse_zipfile' function buffer overflow vulnerability

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.PHAR is one of the archived extensions. A security vulnerability exists in the 'pharparsezipfile' function in the zip.c file of PHP's PHAR extension, which allows a remote...

UBUNTU-CVE-2016-3142

The pharparsezipfile function in zip.c in the PHAR extension in PHP before 5.5.33 and 5.6.x before 5.6.19 allows remote attackers to obtain sensitive information from process memory or cause a denial of service out-of-bounds read and application crash by placing a PK\x05\x06 signature at an inval...