388 matches found
FreeBSD : bro -- NULL pointer dereference and Signed integer overflow (f56669f5-d799-4ff5-9174-64a6d571c451)
Jon Siwek of Corelight reports : This is a security patch release to address potential Denial of Service vulnerabilities : - NULL pointer dereference in the RPC analysis code. RPC analyzers e.g. MOUNT or NFS are not enabled in the default configuration. - Signed integer overflow in BinPAC-generat...
QEMU: device_tree: heap buffer overflow while loading device tree blob
A heap buffer overflow issue was found in the loaddevicetree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...
QEMU: device_tree: heap buffer overflow while loading device tree blob
A heap buffer overflow issue was found in the loaddevicetree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...
QEMU: device_tree: heap buffer overflow while loading device tree blob
A heap buffer overflow issue was found in the loaddevicetree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...
QEMU: device_tree: heap buffer overflow while loading device tree blob
A heap buffer overflow issue was found in the loaddevicetree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...
QEMU: device_tree: heap buffer overflow while loading device tree blob
A heap buffer overflow issue was found in the loaddevicetree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...
CVE-2019-11072
lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burlnormalize2Ftoslashfix in burl.c. NOTE:...
PT-2019-5414 · Lighttpd +1 · Lighttpd +1
Name of the Vulnerable Software and Affected Versions: lighttpd versions prior to 1.4.54 Description: The issue is related to a signed integer overflow in lighttpd, which could allow remote attackers to cause a denial of service application crash or possibly have other unspecified impacts via a...
openSUSE Security Update : the Linux Kernel (openSUSE-2019-769)
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-14633: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in a way an authentication request from an ISCSI initiator is...
openSUSE Security Update : podofo (openSUSE-2019-66)
This update for podofo version 0.9.6 fixes the following issues : Security issues fixed : - CVE-2017-5852: Fix a infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject PdfPage.cpp boo1023067 - CVE-2017-5854: Fix a NULL pointer dereference in PdfOutputStream.cpp boo1023070 - CVE-2017-5886: Fi...
PHP 7.1.x < 7.1.1 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.1.x prior to 7.1.1. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists that is triggered when handling unserialized object properties. An unauthenticated, remote attacker c...
CVE-2018-18438
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value...
CVE-2018-18438
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value...
CVE-2018-18438
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value...
CVE-2018-18438
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value...
CVE-2018-18438
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value...
CVE-2018-18438
Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value...
UBUNTU-CVE-2018-14343
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer...
DEBIAN-CVE-2018-14343
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer...
CVE-2018-14343
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the ASN.1 BER dissector could crash. This was addressed in epan/dissectors/packet-ber.c by ensuring that length values do not exceed the maximum signed integer...