22 matches found
CVE-2025-61770
Rack is a modular Ruby web server interface. In versions prior to 2.2.19, 3.1.17, and 3.2.2, Rack::Multipart::Parser buffers the entire multipart preamble (bytes before the first boundary) in memory without any size limit. A client can send a large preamble followed by a valid boundary, causing...
RHEL 5 : gdb (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gdb: buffer overflow while opening an ELF for debugging leads to DoS, information disclosure and code...
Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2020-1788)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 3.0.6.0 : gdb (EulerOS-SA-2020-1788)
According to the version of the gdb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a...
Console Driver Job Object Process Limit Bypass
The console driver in Windows 8.1 can be used to break out of a process with an active process job limit. Recent assessments: busterb at May 09, 2019 5:57pm UTC reported: Attacker requires too much control in advance for this to be useful. Assessed Attacker Value: 1 Assessed Attacker Value:...
EulerOS Virtualization for ARM 64 3.0.5.0 : gdb (EulerOS-SA-2020-1088)
According to the version of the gdb package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF...
EulerOS 2.0 SP3 : gdb (EulerOS-SA-2019-2584)
According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...
EulerOS 2.0 SP2 : gdb (EulerOS-SA-2019-2479)
According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...
EulerOS 2.0 SP8 : gdb (EulerOS-SA-2019-2279)
According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...
EulerOS 2.0 SP5 : gdb (EulerOS-SA-2019-1965)
According to the version of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can...
CVE-2017-9778
GNU Debugger GDB 8.0 and earlier fails to detect a negative length field in a DWARF section. A malformed section in an ELF binary or a core file can cause GDB to repeatedly allocate memory until a process limit is reached. This can, for example, impede efforts to analyze malware with GDB...
CVE-2017-9778
CVE-2017-9778 affects GNU Debugger (GDB) 8.0 and earlier. A malformed DWARF/ELF section can cause GDB to repeatedly allocate memory, potentially exhausting process limits and hindering malware analysis. Connected sources confirm the vulnerability in GDB’s handling of DWARF sections in ELF binarie...
kernel: File descriptors passed over unix sockets are not properly accounted
It was found that the Linux kernel did not properly account file descriptors passed over the unix socket against the process limit. A local user could use this flaw to exhaust all available memory on the system...
CVE-2014-0240
The mod_wsgi module before 3.5 for Apache, when daemon mode is enabled, does not properly handle error codes returned by setuid when run on certain Linux kernels, which allows local users to gain privileges via vectors related to the number of running processes...
UBUNTU-CVE-2014-0470
super.c in Super 3.30.0 does not check the return value of the setuid function when the -F flag is set, which allows local users to gain privileges via unspecified vectors, aka an RLIMIT_NPROC attack...
CVE-2013-4559
lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fai...
Design/Logic Flaw
lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fai...