lib32-glibc: multiple issues

CVE-2016-1234 arbitrary code execution It was found that glob implementation in glibc does not correctly handle overlong names in struct dirent buffers when GLOBALTDIRFUNC is used, causing a large stack-based buffer overflow with controlled length and content. - CVE-2016-3706 denial of service A...

CVE-2015-0570

Stack-based buffer overflow in the SETWPSIE IOCTL implementation in wlanhddhostapd.c in the WLAN aka Wi-Fi driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center QuIC Android contributions for MSM devices and other products, allows attackers to gain privileges via a crafte...

Wireshark NCP dissector Denial of Service Vulnerability (May 2016) - Windows

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

HP Data Protector 7.0x < 7.03 build 108 / 8.1x < 8.15 / 9.0x < 9.06 Multiple Vulnerabilities (HPSBGN03580) (Bar Mitzvah)

The version of HP Data Protector installed on the remote host is 7.0x prior to 7.03 build 108, 8.1x prior to 8.15, or 9.0x prior to 9.06. It is, therefore, affected by the following vulnerabilities : - A security feature bypass vulnerability exists, known as Bar Mitzvah, due to improper combinati...

KLA10796 Multiple vulnerabilities in Wireshark

Multiple vulnerabilities were found in Wireshark. By exploiting these vulnerabilities malicious users can cause denial of service. These vulnerabilities can be exploited remotely by injecting malformed packet. Technical details These vulnerabilities can be exploited remotely via a vectors related...

CVE-2015-8779

Stack-based buffer overflow in the catopen function in the GNU C Library aka glibc or libc6 before 2.23 allows context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long catalog name...

CVE-2014-9761

Multiple stack-based buffer overflows in the GNU C Library aka glibc or libc6 before 2.23 allow context-dependent attackers to cause a denial of service application crash or possibly execute arbitrary code via a long argument to the 1 nan, 2 nanf, or 3 nanl function...

CVE-2016-0840

Multiple stack-based buffer underflows in decoder/ih264dparsecavlc.c in mediaserver in Android 6.x before 2016-04-01 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26399350...

Stack overflow

Multiple stack-based buffer underflows in decoder/ih264dparsecavlc.c in mediaserver in Android 6.x before 2016-04-01 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26399350...

Stack overflow

Stack-based buffer overflow in decoder/impeg2dvld.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 25812590...

CVE-2016-0840

Multiple stack-based buffer underflows in decoder/ih264dparsecavlc.c in mediaserver in Android 6.x before 2016-04-01 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26399350...

CVE-2016-0840

Multiple stack-based buffer underflows in decoder/ih264dparsecavlc.c in mediaserver in Android 6.x before 2016-04-01 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 26399350...

CVE-2016-0836

Stack-based buffer overflow in decoder/impeg2dvld.c in mediaserver in Android 6.x before 2016-04-01 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted media file, aka internal bug 25812590...

Debian DSA-3551-1 : fuseiso - security update

It was discovered that fuseiso, a user-space implementation of the ISO 9660 file system based on FUSE, contains several vulnerabilities. - CVE-2015-8836 A stack-based buffer overflow may allow attackers who can trick a user into mounting a crafted ISO 9660 file system to cause a denial of service...

Debian Security Advisory DSA 3551-1 (fuseiso - security update)

It was discovered that fuseiso, a user-space implementation of the ISO 9660 file system based on FUSE, contains several vulnerabilities. CVE-2015-8836 A stack-based buffer overflow may allow attackers who can trick a user into mounting a crafted ISO 9660 file system to cause a denial of service...

Integer overflow

Integer overflow in the getnum function in luastruct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service memory corruption and application crash or possibly bypass intended sandbox...

CVE-2015-8080

Integer overflow in the getnum function in luastruct.c in Redis 2.8.x before 2.8.24 and 3.0.x before 3.0.6 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service memory corruption and application crash or possibly bypass intended sandbox...

CVE-2015-8614

Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...

CVE-2015-8614

Multiple stack-based buffer overflows in the 1 convjistoeuc, 2 conveuctojis, and 3 convsjistoeuc functions in codeconv.c in Claws Mail before 3.13.1 allow remote attackers to have unspecified impact via a crafted email, involving Japanese character set conversion...

CVE-2015-8708

Claws Mail 3.13.1 is affected by CVE-2015-8708 (and CVE-2015-8614) due to stack-based buffer overflows in conv_euctojis (and related conv_jistoeuc/sjistoeuc) in codeconv.c, enabling remote exploitation via a crafted email involving Japanese character set conversion. The issue arises from an incom...