CVE-2013-4208

The rsaverify function in PuTTY before 0.63 1 does not clear sensitive process memory after use and 2 does not free certain structures containing sensitive process memory, which might allow local users to discover private RSA and DSA keys...

Mandriva Linux Security Advisory : blender (MDVSA-2011:114)

Multiple vulnerabilities have been identified and fixed in blender : oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an...

Mandriva Linux Security Advisory : blender (MDVSA-2011:112)

Multiple vulnerabilities have been identified and fixed in blender : oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an...

Mandriva Update for ffmpeg MDVSA-2011:060 (ffmpeg)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2011-1092

Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service crash and possibly read sensitive memory via a large third argument to the shmopread function...

Integer overflow

Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service crash and possibly read sensitive memory via a large third argument to the shmopread function...

CVE-2011-1092

Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service crash and possibly read sensitive memory via a large third argument to the shmopread function...

CVE-2011-1092

CVE-2011-1092 refers to an integer overflow in PHP 5.3.x before 5.3.6 (ext/shmop/shmop.c) that can cause a denial of service and potentially read sensitive memory via a large third argument to shmop_read. Public documents confirm PHP 5.3.x

CVE-2011-1092

Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service crash and possibly read sensitive memory via a large third argument to the shmopread function...

Design/Logic Flaw

The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...

Memory corruption

The 1 cudaHostAlloc and 2 cuMemHostAlloc functions in the NVIDIA CUDA Toolkit 3.2 developer drivers for Linux 260.19.26, and possibly other versions, do not initialize pinned memory, which allows local users to read potentially sensitive memory, such as file fragments during read or write...

CVE-2010-3062

mysqlndwireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to 1 read sensitive memory via a modified length value, which is not properly handled by the phpmysqlndokread function; or 2 trigger a heap-based buffer overflow via a modified length value, which is n...

Heap overflow

mysqlndwireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to 1 read sensitive memory via a modified length value, which is not properly handled by the phpmysqlndokread function; or 2 trigger a heap-based buffer overflow via a modified length value, which is n...

CVE-2010-3062

mysqlndwireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to 1 read sensitive memory via a modified length value, which is not properly handled by the phpmysqlndokread function; or 2 trigger a heap-based buffer overflow via a modified length value, which is n...

CVE-2010-3062

mysqlndwireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to 1 read sensitive memory via a modified length value, which is not properly handled by the phpmysqlndokread function; or 2 trigger a heap-based buffer overflow via a modified length value, which is n...

Debian DSA-2005-1 : linux-2.6.24 - privilege escalation/denial of service/sensitive memory leak

NOTE: This kernel update marks the final planned kernel security update for the 2.6.24 kernel in the Debian release 'etch'. Although security support for 'etch' officially ended on Feburary 15th, 2010, this update was already in preparation before that date. Several vulnerabilities have been...

Debian DSA-1996-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leak

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-3939 Joseph Malicki reported that the dbglvl sysfs...

Debian DSA-1915-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leak

Notice: Debian 5.0.4, the next point release of Debian 'lenny', will include a new default value for the mmapminaddr tunable. This change will add an additional safeguard against a class of security vulnerabilities known as 'NULL pointer dereference' vulnerabilities, but it will need to be...

Debian DSA-1929-1 : linux-2.6 - privilege escalation/denial of service/sensitive memory leak

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-1883 Solar Designer discovered a missing capability...

Debian DSA-1928-1 : linux-2.6.24 - privilege escalation/denial of service/sensitive memory leak

Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service, sensitive memory leak or privilege escalation. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2009-2846 Michael Buesch noticed a typing issue in the...