DEBIAN-CVE-2017-12482
The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file...
UBUNTU-CVE-2017-12482
The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file...
DEBIAN-CVE-2017-12418
ImageMagick 7.0.6-5 has memory leaks in the parse8BIMW and format8BIM functions in coders/meta.c, related to the WriteImage function in MagickCore/constitute.c...
AZL-7263 CVE-2017-11551 affecting package libid3tag 0.15.1b-33
The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file...
ALPINE-CVE-2017-11551
The id3_field_parse function in field.c in libid3tag 0.15.1b allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file...
PT-2017-12095 · Underbit +2 · Libid3Tag +2
Name of the Vulnerable Software and Affected Versions: libid3tag version 0.15.1b. Description: The issue allows remote attackers to cause a denial of service (OOM) via a crafted MP3 file. This is due to a problem in the id3 field parse function in field.c. Recommendations: For libid3tag version...
Remote Code Execution (RCE)
Symfony is vulnerable to remote code execution (RCE) attacks. Yaml::parse allows attackers to execute PHP code through a PHP file...
Remote Code Execution (RCE)
Symfony is vulnerable to remote code execution (RCE). A malicious user can pass a serialized PHP object to the Yaml::parse or Yaml\Parser::parse functions to inject and execute arbitrary code...
reSIProcate 'SdpContents::Session::Medium::parse' function denial of service vulnerability
reSIProcate is a C++ implementation of protocols such as SIP (Session Initiation Protocol), ICE (P2P Communication Protocol) and TURN (Profile Transfer Protocol). A security vulnerability exists in the 'SdpContents::Session::Medium::parse' function of the resip/stack/SdpContents.cxx file in reSIProcate...
DEBIAN-CVE-2017-11626
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDFTokenizer::resolveLiteral function in QPDFTokenizer.cc after four consecutive calls to QPDFObjectHandle::parseInternal, aka an "infinite...
CVE-2017-11464
A SIGFPE is raised in the function box_blur_line of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero...
Design/Logic Flaw
The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service (memory consumption) by triggering many media connections...
CVE-2017-11521
The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service (memory consumption) by triggering many media connections...
CVE-2017-11521
Removed by vendor...
collectd: Infinite loop due to incorrect interaction of parse_packet() and parse_part_sign_sha256() functions
collectd contains an infinite loop due to how the parse_packet and parse_part_sign_sha256 functions interact. If an instance of collectd is configured with "SecurityLevel None" and empty "AuthFile" options, an attacker can send crafted UDP packets that trigger the infinite loop, causing a denial of...
PHP msgfmt_parse_message stack buffer overflow vulnerability
PHP (PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. The language supports multiple syntaxes, multiple databases and operating systems, and support for C, C++ for program extensions and so on. A...