
58 matches found

RedHat Linux
added 2018/10/30 12:5 p.m. | 3 views

kernel: Buffer overflow in hidp_process_report

A buffer overflow due to a signed-unsigned comparison was found in hidp_process_report in net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service...

CVSS 8.4 | AI score 7.3 | EPSS 0.00456
Exploits: 0 | References: 4
RedhatCVE
added 2018/08/28 12:53 p.m. | 55 views

CVE-2018-9363

A buffer overflow due to a signed-unsigned comparison was found in hidp_process_report in net/bluetooth/hidp/core.c in the Linux kernel. The buffer length is an unsigned int but gets cast to a signed int which in certain conditions can lead to a system panic and a denial-of-service...

CVSS 8.4 | AI score 4.2 | EPSS 0.00456
Exploits: 0 | References: 2
OSV
added 2018/08/24 7:29 p.m. | 2 views

DEBIAN-CVE-2018-14600

An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write of up to 128 bytes, leading to DoS or remote code execution...

CVSS 9.8 | AI score 9.7 | EPSS 0.09341
Exploits: 0 | References: 1
OSV
added 2018/03/12 2:29 a.m. | 1 views

DEBIAN-CVE-2014-8129

LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf...

CVSS 8.8 | AI score 9.5 | EPSS 0.03821
Exploits: 1 | References: 1
OSV
added 2017/07/17 1:18 p.m. | 4 views

DEBIAN-CVE-2017-9951

The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerabili...

CVSS 7.5 | AI score 7 | EPSS 0.04166
Exploits: 1 | References: 1
OSV
added 2017/07/17 1:18 p.m. | 3 views

ALPINE-CVE-2017-9951

The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerabili...

CVSS 7.5 | AI score 7 | EPSS 0.04166
Exploits: 1 | References: 1
OSV
added 2017/07/17 12:0 a.m. | 4 views

UBUNTU-CVE-2017-9951

The try_read_command function in memcached.c in memcached before 1.4.39 allows remote attackers to cause a denial of service (segmentation fault) via a request to add/set a key, which makes a comparison between signed and unsigned int and triggers a heap-based buffer over-read. NOTE: this vulnerabili...

CVSS 7.5 | AI score 7.4 | EPSS 0.04166
Exploits: 1 | References: 6
securityvulns
added 2009/04/18 12:0 a.m. | 29 views

mpg123 signed-unsigned conversion vulnerability

Integer sign mismatch error on ID3 MP3 tags parsing...

CVSS 10 | AI score 3.8 | EPSS 0.05437
Exploits: 0 | References: 1 | Affected Software: 1
NVD
added 2007/06/01 12:30 a.m. | 26 views

CVE-2007-2867

Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointer...

CVSS 9.3 | AI score 6.8 | EPSS 0.03407
Exploits: 0 | References: 60
Prion
added 2007/06/01 12:30 a.m. | 23 views

Heap overflow

Multiple vulnerabilities in the layout engine for Mozilla Firefox 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, Thunderbird 1.5.x before 1.5.0.12 and 2.x before 2.0.0.4, and SeaMonkey 1.0.9 and 1.1.2 allow remote attackers to cause a denial of service (crash) via vectors related to dangling pointer...

CVSS 9.3 | AI score 6.8 | EPSS 0.03407
Exploits: 0 | References: 60 | Affected Software: 3
RedHat Linux
added 2007/03/14 12:18 a.m. | 60 views

gnupg/gpgme signed message spoofing

GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection...

CVSS 5 | AI score 5.9 | EPSS 0.05359
Exploits: 0 | References: 4
OSV
added 2007/03/06 8:19 p.m. | 1 views

DEBIAN-CVE-2007-1263

GnuPG 1.4.6 and earlier and GPGME before 1.1.4, when run from the command line, does not visually distinguish signed and unsigned portions of OpenPGP messages with multiple components, which might allow remote attackers to forge the contents of a message without detection...

CVSS 5 | AI score 7 | EPSS 0.05359
Exploits: 0 | References: 1
securityvulns
added 2006/09/26 12:0 a.m. | 50 views

Multiple FreeBSD kernel integer overflow

Integer overflow and signed/unsigned conversion problems in i386_set_ldt...

AI score 5.1
Exploits: 0 | References: 2 | Affected Software: 1
securityvulns
added 2006/08/21 12:0 a.m. | 33 views

[Full-disclosure] RealVNC 4.1.2 minor heap corruption/DoS vulnerability (authentication required)

This vulnerability affects the latest version of RealVNC 4.1.2 on all platforms. It is tested on Windows. To exploit the vulnerability, the attacker must either control a connected and authenticated client connected to a vulnerable VNC server or control a VNC server with at least one vulnerable...

AI score 7.9
Exploits: 0
RedHat Linux
added 2006/01/17 8:36 a.m. | 5 views

security flaw

The procfs code (proc_misc.c) in Linux 2.6.14.3 and other versions before 2.6.15 allows attackers to read sensitive kernel memory via unspecified vectors in which a signed value is added to an unsigned value...

CVSS 2.1 | AI score 5.9 | EPSS 0.01047
Exploits: 5 | References: 4
securityvulns
added 2003/07/30 12:0 a.m. | 29 views

Remote Linux Kernel < 2.4.21 DoS in XDR routine.

Hello all, I have discovered a signed/unsigned issue in a routine responsible for demarshalling XDR data for NFSv3 procedure calls. As far as I can tell, this bug has existed since NFSv3 support was integrated. It has been silently fixed in 2.4.21. The bug is in the decode_fh routine of...

AI score 0.2
Exploits: 0
securityvulns
added 2002/11/20 12:0 a.m. | 26 views

Signed/unsigned conversion bug in wwwoffled

Content-Length integer type bug...

AI score 3.3
Exploits: 0 | References: 1
securityvulns
added 2001/08/22 12:0 a.m. | 48 views

Bugs in sendmail debug (signed/unsigned)

When the -d option is used, a signed number is used as an array index after being assigned an unsigned value, which makes it possible to address a negative offset...

AI score 0.4
Exploits: 0 | References: 1 | Affected Software: 1