CVE-2018-20994

CVE-2018-20994 affects the Rust crate trust-dns-proto prior to 0.5.0-alpha.3. The issue is infinite recursion/stack overflow caused by incorrect handling of DNS message compression (RFC1035 section 4.1.4). Connected advisories (e.g., RUSTSEC-2018-0007, GHSA-369H-PJR2-6WRH, Red Hat RH/CVE-2018-209...

CVE-2018-20993

The CVE-2018-20993 entry concerns the yaml-rust crate for Rust, where versions before 0.4.1 allow uncontrolled recursion during deserialization. Affected is the yaml-rust crate (pre-0.4.1); impact is potential disruption/crash due to recursion depth. Remediation: upgrade to 0.4.1 or newer; if upg...

CVE-2018-20993

An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization...

CVE-2018-20993

An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization...

DEBIAN-CVE-2019-15144

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

UBUNTU-CVE-2019-15144

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

CVE-2019-15144

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

CVE-2019-15144

In DjVuLibre 3.5.27, the sorting functionality aka GArrayTemplate::sort allows attackers to cause a denial-of-service application crash due to an Uncontrolled Recursion by crafting a PBM image file that is mishandled in libdjvu/GContainer.h...

CVE-2019-15144

DjVuLibre 3.5.27 contains a denial-of-service flaw in GArrayTemplate::sort triggered by crafted PBM files (libdjvu/GContainer.h). This CVE is CVE-2019-15144. Connected advisories (Debian, Mageia, Gentoo, Fedora, Cloud Foundry, Astra Linux) confirm the issue and note fixes/updates to djvulibre pac...

DEBIAN-CVE-2019-15118

checkinputterm in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion...

CVE-2019-15118

checkinputterm in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion...

CVE-2019-15118

checkinputterm in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion...

UBUNTU-CVE-2019-15118

checkinputterm in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion...

Stack overflow

checkinputterm in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion...

CVE-2019-15118

checkinputterm in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion...

PT-2019-13997 · Linux +3 · Linux Kernel +3

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.2.9 Description: The issue is related to the check input term function in the sound/usb/mixer.c file of the Linux kernel, which mishandles recursion. This leads to kernel stack exhaustion. Recommendations: For...

NewStart CGSL CORE 5.04 / MAIN 5.04 : poppler Multiple Vulnerabilities (NS-SA-2019-0045)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has poppler packages installed that are affected by multiple vulnerabilities: - Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as...

NewStart CGSL MAIN 4.05 : bind Multiple Vulnerabilities (NS-SA-2019-0102)

The remote NewStart CGSL host, running version MAIN 4.05, has bind packages installed that are affected by multiple vulnerabilities: - A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could us...

Denial Of Service (DoS)

libxkbcommon is vulnerable to denial of service DoS. The vulnerability exists through an endless recursion in xkbcomp/expr.c resulting in a crash...

exiv2: infinite recursion in Exiv2::Image::printTiffStructure in file image.cpp resulting in denial of service

An issue was discovered in Exiv2 0.27. There is infinite recursion at Exiv2::Image::printTiffStructure in the file image.cpp. This can be triggered by a crafted file. It allows an attacker to cause Denial of Service Segmentation fault or possibly have unspecified other impact...