6907 matches found
DEBIAN-CVE-2017-5483
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1parse...
UBUNTU-CVE-2016-7929
The Juniper PPPoE ATM parser in tcpdump before 4.9.0 has a buffer overflow in print-juniper.c:juniperparseheader...
UBUNTU-CVE-2017-5483
The SNMP parser in tcpdump before 4.9.0 has a buffer overflow in print-snmp.c:asn1parse...
UBUNTU-CVE-2015-8858
The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a "regular expression denial of service ReDoS."...
DEBIAN-CVE-2015-8858
The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a "regular expression denial of service ReDoS."...
CVE-2015-8858
The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a "regular expression denial of service ReDoS."...
CVE-2015-8858
The uglify-js package before 2.6.0 for Node.js allows attackers to cause a denial of service CPU consumption via crafted input in a parse call, aka a "regular expression denial of service ReDoS."...
libass: Attempting free in parse_events
Project: https://github.com/libass/libass.git Detailed report: https://clusterfuzz-external.appspot.com/testcase?key=5420800962199552 Project: libass Fuzzer: libFuzzerlibassfuzzer Fuzz target binary: libassfuzzer Job Type: libfuzzerasanlibass Platform Id: linux Crash Type: Attempting free Crash...
ALPINE-CVE-2016-9809
Off-by-one error in the gsth264parsesetcaps function in GStreamer before 1.10.2 allows remote attackers to have unspecified impact via a crafted file, which triggers an out-of-bounds read...
DEBIAN-CVE-2016-9813
The parsepat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted file...
UBUNTU-CVE-2016-9813
The parsepat function in the mpegts parser in GStreamer before 1.10.2 allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted file...
BlueZ userland utilities vulnerable to buffer overflow
Overview BlueZ provides a Bluetooth protocol stack for Linux kernel and userland utilities. parseline function used in some userland utilities contains a buffer overflow vulnerability. Hiroki MATSUKUMA of Cyber Defense Institute, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with...
HTTP Header Injection
excon is vulnerable to HTTP header injection vulnerability. It does not properly parse the path, allowing attackers to inject arbitrary headers in requests or even create a new evil request...
Information Disclosure
parse-server is vulnerable to information disclosures. A malicious user can view personal identifiable information when querying the database without authorization...
DEBIAN-CVE-2016-4303
The parsestring function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service crash or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow...
UBUNTU-CVE-2016-4303
The parsestring function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service crash or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow...
CVE-2016-4303
The parsestring function in cjson.c in the cJSON library mishandles UTF8/16 strings, which allows remote attackers to cause a denial of service crash or execute arbitrary code via a non-hex character in a JSON string, which triggers a heap-based buffer overflow...
DEBIAN-CVE-2016-4302
Heap-based buffer overflow in the parsecodes function in archivereadsupportformatrar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary...
ALPINE-CVE-2016-4302
Heap-based buffer overflow in the parsecodes function in archivereadsupportformatrar.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a RAR file with a zero-sized dictionary...
DEBIAN-CVE-2016-4301
Stack-based buffer overflow in the parsedevice function in archivereadsupportformatmtree.c in libarchive before 3.2.1 allows remote attackers to execute arbitrary code via a crafted mtree file...