CVE-2016-3672

The archpickmmaplayout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDRNORANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid...

CVE-2016-3075

Stack-based buffer overflow in the nssdns implementation of the getnetbyname function in GNU C Library aka glibc before 2.24 allows context-dependent attackers to cause a denial of service stack consumption and application crash via a long name...

CVE-2008-4482

The XML parser in Xerces-C++ before 3.0.0 allows context-dependent attackers to cause a denial of service stack consumption and crash via an XML schema definition with a large maxOccurs value, which triggers excessive memory consumption during validation of an XML file...

CVE-2009-0605

Stack consumption vulnerability in the dopagefault function in arch/x86/mm/fault.c in the Linux kernel before 2.6.28.5 allows local users to cause a denial of service memory corruption or possibly gain privileges via unspecified vectors that trigger page faults on a machine that has a registered...

CVE-2015-6806

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service stack consumption via an escape sequence with a large repeat count value...

Code injection

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service stack consumption via an escape sequence with a large repeat count value...

CVE-2015-6806

CVE-2015-6806 affects GNU Screen 4.3.1 and earlier; root cause is MScrollV recursion not properly limited in ansi.c, enabling denial of service via a large repeat-count escape sequence (stack consumption). Public advisories across distros (Ubuntu USN-3996-1, openSUSE/openSUSE-2019-1485, SUSE-SU-2...

CVE-2015-6806

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service stack consumption via an escape sequence with a large repeat count value...

CVE-2015-6806

The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial of service stack consumption via an escape sequence with a large repeat count value...

Stack overflow

Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...

CVE-2015-2779

Stack consumption vulnerability in the message splitting functionality in Quassel before 0.12-rc1 allows remote attackers to cause a denial of service uncontrolled recursion via a crafted massage...

Oracle Solaris Third-Party Patch Update : perl (cve_2014_4330_buffer_errors)

The remote Solaris system is missing necessary patches to address security updates : - The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many...

F5 Networks BIG-IP : Apache vulnerability (SOL15920)

Stack consumption vulnerability in the fnmatch implementation in aprfnmatch.c in the Apache Portable Runtime APR library before 1.4.3 and the Apache HTTP Server before 2.2.18, and in fnmatch.c in libc in NetBSD 5.1, OpenBSD 4.8, FreeBSD, Apple Mac OS X 10.6, Oracle Solaris 10, and Android, allows...

GLSA-201412-14 : Xfig: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201412-14 Xfig: User-assisted execution of arbitrary code A stack-based buffer overflow and a stack consumption vulnerability have been found in Xfig. Impact : A remote attacker could entice a user to open a specially crafted file...

Ubuntu 12.04 LTS : linux vulnerabilities (USN-2376-1)

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service system crash or possibly execute arbitrary code via specially crafted devices. CVE-2014-3181 Ben Hawkes reported...

Updated perl packages fix CVE-2014-4330

Updated perl package fixes security vulnerability: The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which trigge...

CVE-2014-4330

The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DDdump...

Design/Logic Flaw

The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DDdump...

CVE-2014-4330

The Dumper method in Data::Dumper before 2.154, as used in Perl 5.20.1 and earlier, allows context-dependent attackers to cause a denial of service stack consumption and crash via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DDdump...

CVE-2014-5471

Stack consumption vulnerability in the parserockridgeinodeinternal function in fs/isofs/rock.c in the Linux kernel through 3.16.1 allows local users to cause a denial of service uncontrolled recursion, and system crash or reboot via a crafted iso9660 image with a CL entry referring to a directory...