CVE-2018-12066

CVE-2018-12066 affects the BIRD Internet Routing Daemon prior to 1.6.4. An attacker with local access can trigger a denial of service (stack consumption and daemon crash) via crafted BGP mask expressions in birdc. Multiple connected sources confirm the fix is in Bird 1.6.4; Fedora advisories and ...

openSUSE Security Update : libsass (openSUSE-2017-1250)

This update for libsass fixes the following DoS vulnerabilities : - CVE-2017-11554: Stack consumption vulnerability allowed remote DoS via crafted input 1050148 - CVE-2017-11555: Illegal address access in Eval::operator allowed remote DoS via crafted input boo1050149 - CVE-2017-11556: Stack...

ALPINE-CVE-2017-15595

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service unbounded recursion, stack consumption, and hypervisor crash or possibly gain privileges via crafted page-table stacking...

CVE-2017-15595

An issue was discovered in Xen through 4.9.x allowing x86 PV guest OS users to cause a denial of service unbounded recursion, stack consumption, and hypervisor crash or possibly gain privileges via crafted page-table stacking...

CVE-2017-14861

There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...

CVE-2017-14861

There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...

CVE-2017-14861

CVE-2017-14861 affects Exiv2 up to version 0.26, where a stack consumption vulnerability in Exiv2::Internal::stringFormat (image.cpp) can be triggered by crafted input to cause remote denial of service. Public details confirm the issue exists in Exiv2 0.26 and is not present in later releases by ...

CVE-2017-14861

There is a stack consumption vulnerability in the Exiv2::Internal::stringFormat function of image.cpp in Exiv2 0.26. A Crafted input will lead to a remote denial of service attack...

CVE-2017-12595

The tokenizer in QPDF 6.0.0 and 7.0.b1 is recursive for arrays and dictionaries, which allows remote attackers to cause a denial of service stack consumption and segmentation fault or possibly have unspecified other impact via a PDF document with a deep data structure, as demonstrated by a crash ...

CVE-2017-12964

There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval::operator in eval.cpp. It will lead to a remote denial of service attack...

UBUNTU-CVE-2017-12964

There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval::operator in eval.cpp. It will lead to a remote denial of service attack...

CVE-2017-12964

CVE-2017-12964 describes a stack-consumption vulnerability in LibSass 3.4.5 triggered by Sass::Eval::operator() in eval.cpp, resulting in a remote denial of service. The affected component is LibSass (C/C++ library for Sass). The available sources consistently state a stack-based denial of servic...

CVE-2017-12964

There is a stack consumption issue in LibSass 3.4.5 that is triggered in the function Sass::Eval::operator in eval.cpp. It will lead to a remote denial of service attack...

EulerOS 2.0 SP2 : librsvg2 (EulerOS-SA-2017-1137)

According to the version of the librsvg2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The rsvgcssnormalizefontsize function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service stack consumption and...

EulerOS 2.0 SP1 : librsvg2 (EulerOS-SA-2017-1136)

According to the version of the librsvg2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The rsvgcssnormalizefontsize function in librsvg 2.40.2 allows context-dependent attackers to cause a denial of service stack consumption and...

CVE-2006-3635

The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service stack consumption and system crash via a crafted application that leverages the mishandling of invalid Register Stack Engine RSE state...

CVE-2006-3635

The ia64 subsystem in the Linux kernel before 2.6.26 allows local users to cause a denial of service stack consumption and system crash via a crafted application that leverages the mishandling of invalid Register Stack Engine RSE state...

Linux kernel ia64 subsystem denial of service vulnerability

The Linux kernel is the kernel used by the operating system Linux, released by the Linux Foundation in the U.S. The ia64 subsystem is one of the 64-bit architecture subsystems. A denial of service vulnerability exists in the ia64 subsystem in versions of Linux kernel prior to 2.6.26. A local...

QPDF Denial of Service Vulnerability (CNVD-2017-25630)

QPDF is a command line program capable of structuring PDFs. The program can encrypt PDF files, analyze or change the internal structure of PDF files. A security vulnerability exists in libqpdf in QPDF version 6.0.0. An attacker can exploit this vulnerability with the help of specially crafted fil...

ALPINE-CVE-2017-11625

A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the QPDF::resolveObjectsInStream function in QPDF.cc, aka an "infinite loop."...