893 matches found
ALPINE-CVE-2017-11627
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."...
UBUNTU-CVE-2017-11627
A stack-consumption vulnerability was found in libqpdf in QPDF 6.0.0, which allows attackers to cause a denial of service via a crafted file, related to the PointerHolder function in PointerHolder.hh, aka an "infinite loop."...
CVE-2017-11554
There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...
CVE-2017-11554
There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...
DEBIAN-CVE-2017-11554
There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...
CVE-2017-11554
There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...
Design/Logic Flaw
There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...
CVE-2017-11556
There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service...
CVE-2017-11554
CVE-2017-11554 affects LibSass 3.4.5 (lex function in parser.hpp, as used by sassc). The vulnerability is a stack-consumption DoS triggered by crafted input, enabling remote denial of service. Multiple connected sources corroborate the issue and its impact. OpenSUSE/SUSE advisories and OSV/NVD en...
CVE-2017-11554
There is a stack consumption vulnerability in the lex function in parser.hpp as used in sassc in LibSass 3.4.5. A crafted input will lead to a remote denial of service...
CVE-2017-11556
There is a stack consumption vulnerability in the Parser::advanceToNextToken function in parser.cpp in LibSass 3.4.5. A crafted input may lead to remote denial of service...
CVE-2017-1000373
The OpenBSD qsort function is recursive, and not randomized, an attacker can construct a pathological input array of N elements that causes qsort to deterministically recurse N/4 times. This allows attackers to consume arbitrary amounts of stack memory and manipulate stack memory to assist in...
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
Code injection
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
CVE-2017-9438
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule involving hex strings that is mishandled in the yrreemit function, a different vulnerability than CVE-2017-9304...
YARA Denial of Service Vulnerability (CNVD-2017-11646)
YARA is a suite of tools used to help software researchers identify and categorize malware samples. regexp is a regular expression module. A denial of service vulnerability exists in the libyara/re.c file of the regexp module in YARA version 3.5.0. A remote attacker could exploit this vulnerabili...
CVE-2017-9304
libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service stack consumption via a crafted rule that is mishandled in the yrreemit function...