CVE-2018-12916

In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in pbcPmessagedefault in proto.c...

CVE-2024-27318

Versions of the package onnx before and including 1.15.0 are vulnerable to Directory Traversal as the externaldata field of the tensor proto can have a path to the file which is outside the model current directory or user-provided directory. The vulnerability occurs as a bypass for the patch adde...

CVE-2021-22570

Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to...

CVE-2021-22570 Nullptr Dereference in Protobuf

Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to...

PBC Denial of Service Vulnerability (CNVD-2018-15646)

PBC is a Google protocol buffer library written in C. A denial of service vulnerability exists in the 'pbcPmessagedefault' function in the proto.c file of the libpbc.a static link library in PBC 2017-03-02 and earlier versions. An attacker can exploit this vulnerability to cause a denial of servi...

Protobufjs Denial of Service Vulnerability

protobufjs is a JavaScript implementation that can serialize structured data . A denial of service vulnerability exists in protobufjs. An attacker can exploit this vulnerability to cause a denial of service with an invalid specially crafted .proto file...

PT-2018-16161 · Protobufjs · Protobufjs

Name of the Vulnerable Software and Affected Versions: protobufjs versions prior to 5.0.3 protobufjs versions prior to 6.8.6 Description: The issue concerns a regular expression denial of service when parsing crafted invalid .proto files, potentially leading to ReDoS. Recommendations: Update to...

Regular Expression Denial Of Service (ReDoS)

protobufjs is vulnerable to regular expression denial of service ReDoS. The attack can be triggered when the attacker parses or loads .proto file sources using malicious file or regex or string...

DEBIAN-CVE-2016-2851

Integer overflow in proto.c in libotr before 4.1.1 on 64-bit platforms allows remote attackers to cause a denial of service memory corruption and application crash or execute arbitrary code via a series of large OTR messages, which triggers a heap-based buffer overflow...