Static Code Analyzer: PVS-Studio

Static Code Analyzer PVS-Studio performs static code analysis and generates a report that helps a programmer find and fix bugs. PVS-Studio performs a wide range of code checks, it is also useful to search for misprints and Copy-Paste errors. Examples of such errors: V501 , V517 , V522 , V523 ,...

CVE-2017-8399

PCRE2 before 10.30 has an out-of-bounds write caused by a stack-based buffer overflow in pcre2match.c, related to a "pattern with very many captures."...

Stack overflow

PCRE2 before 10.30 has an out-of-bounds write caused by a stack-based buffer overflow in pcre2match.c, related to a "pattern with very many captures."...

UBUNTU-CVE-2016-9954

The backtrack compilation code in the Irregex package aka IrRegular Expressions before 0.9.6 for Scheme allows remote attackers to cause a denial of service memory consumption via a crafted regular expression with a repeating pattern...

CVE-2016-9954

The backtrack compilation code in the Irregex package aka IrRegular Expressions before 0.9.6 for Scheme allows remote attackers to cause a denial of service memory consumption via a crafted regular expression with a repeating pattern...

F5 Networks BIG-IP : F5 management sshd vulnerability (K92140924)

An undisclosed traffic pattern received on an F5 management interface may cause the Secure Shell Daemon sshd to stop responding, resulting in a Denial-of-Service DoS. CVE-2017-6128 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5...

[SECURITY] [DSA 3796-2] sitesummary regression update

------------------------------------------------------------------------- Debian Security Advisory DSA-3796-2 [email protected] https://www.debian.org/security/ Sebastien Delafond March 20, 2017 https://www.debian.org/security/faq -...

DEBIAN-CVE-2015-8984

The fnmatch function in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash via a malformed pattern, which triggers an out-of-bounds read...

CVE-2015-8984

The fnmatch function in the GNU C Library aka glibc or libc6 before 2.22 might allow context-dependent attackers to cause a denial of service application crash via a malformed pattern, which triggers an out-of-bounds read...

Foxit Reader Pattern Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

Foxit Reader < 8.2.1 Multiple Vulnerabilities

Binary data 9985.prm...

UBUNTU-CVE-2016-9558

1 libdwarf/dwarfleb.c and 2 dwarfdump/printframes.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a "negation overflow."...

CVE-2016-9558

1 libdwarf/dwarfleb.c and 2 dwarfdump/printframes.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a "negation overflow."...

CVE-2016-9558

1 libdwarf/dwarfleb.c and 2 dwarfdump/printframes.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a "negation overflow."...

CVE-2016-9558

1 libdwarf/dwarfleb.c and 2 dwarfdump/printframes.c in libdwarf before 20161124 allow remote attackers to have unspecified impact via a crafted bit pattern in a signed leb number, aka a "negation overflow."...

CVE-2016-9558

The CVE-2016-9558 issue affects libdwarf: specifically the code in libdwarf/dwarf_leb.c and dwarfdump/print_frames.c. A crafted bit pattern in a signed leb number can trigger a negation overflow, exposed in libdwarf versions before 20161124. This is described as having unspecified impact for remo...

UBUNTU-CVE-2016-6233

The 1 order and 2 group methods in ZendDbSelect in the Zend Framework before 1.12.19 might allow remote attackers to conduct SQL injection attacks via vectors related to use of the character pattern \w in a regular expression...

Design/Logic Flaw

An undisclosed traffic pattern received by a BIG-IP Virtual Server with TCP Fast Open enabled may cause the Traffic Management Microkernel TMM to restart, resulting in a Denial-of-Service DoS...

CVE-2016-9249

CVE-2016-9249 affects F5 BIG-IP TMM when TCP Fast Open is enabled. An undisclosed traffic pattern can cause TMM to restart on BIG-IP Virtual Servers, leading to a DoS. Vendor advisory K71282001 lists vulnerable BIG-IP versions (e.g., BIG-IP LTM 12.0.0–12.1.1, AAM 12.0.0–12.1.1, AFM 12.0.0–12.1.1,...

CVE-2016-10116

NETGEAR Arlo base stations with firmware 1.7.56178 and earlier, Arlo Q devices with firmware 1.8.05551 and earlier, and Arlo Q Plus devices with firmware 1.8.16094 and earlier use a pattern of adjective, noun, and three-digit number for the customized password, which makes it easier for remote...