CVE-2016-4485

The llccmsgrcv function in net/llc/afllc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message...

CVE-2016-2428

libAACdec/src/aacdecdrc.cpp in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-05-01 does not properly limit the number of threads, which allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via...

CVE-2016-4006

epan/proto.c in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 does not limit the protocol-tree depth, which allows remote attackers to cause a denial of service stack memory consumption and application crash via a crafted packet...

Microsoft Windows OLE Remote Code Execution (MS16-044: CVE-2016-0153)

A vulnerability was identified in Microsoft Word while processing an embedded object within a word document that could lead to a stack memory corruption. The Stack Corruption occures in ole32!OleRegEnumVerbs Functionis with an out of bound write...

CVE-2016-2563

Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service stack memory corruption or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request...

Stack overflow

Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service stack memory corruption or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request...

CVE-2016-2563

Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service stack memory corruption or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request...

CVE-2016-2563

Stack-based buffer overflow in the SCP command-line utility in PuTTY before 0.67 and KiTTY 0.66.6.3 and earlier allows remote servers to cause a denial of service stack memory corruption or execute arbitrary code via a crafted SCP-SINK file-size response to an SCP download request...

CVE-2014-9769

pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...

PCRE pcre_jit_compile.c Denial of Service Vulnerability

PCRE is a Perl library that includes a perl-compatible regular expression library. PCRE version 8.35 pcrejitcompile.c fails to properly optimize nested substitutions using table jumps. A remote attacker could utilize the constructed strings to cause a denial of service stack memory corruption...

Tor: Overreads/overcopies in torsocks

First off, I know torsocks isn't in scope, so I don't expect anything in return for this. I happened to stumble upon this so why not report it. However if you feel generous you're welcome to give me bounty/swag ofcourse :P. Here 16 bytes instead of 4 are copied, thereby copying 12 bytes of...

Memory corruption

pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...

CVE-2014-9769

pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...

CVE-2014-9769

pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...

CVE-2014-9769

CVE-2014-9769 targets the PCRE library (PCRE 8.35) with a flaw in pcre_jit_compile.c where table jumps are not used correctly for nested alternatives. This can allow remote attackers to trigger a denial of service (stack memory corruption/segfault) via a crafted string observed in Suricata/Open R...

CVE-2014-9769

pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...

CVE-2014-9769

pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...

CVE-2016-1956

Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service memory consumption or stack memory corruption by triggering use of a WebGL shader...

QEMU Denial of Service Vulnerability (CNVD-2016-01541)

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. QEMU has a security vulnerability. Due to an error in the program's handling of requests for random number generation entropy. A local attacker exploited the...

CVE-2016-1956

Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service memory consumption or stack memory corruption by triggering use of a WebGL shader...