CVE-2014-9769

pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...

CVE-2014-9769

CVE-2014-9769 targets the PCRE library (PCRE 8.35) with a flaw in pcre_jit_compile.c where table jumps are not used correctly for nested alternatives. This can allow remote attackers to trigger a denial of service (stack memory corruption/segfault) via a crafted string observed in Suricata/Open R...

CVE-2014-9769

pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...

CVE-2014-9769

pcrejitcompile.c in PCRE 8.35 does not properly use table jumps to optimize nested alternatives, which allows remote attackers to cause a denial of service stack memory corruption or possibly have unspecified other impact via a crafted string, as demonstrated by packets encountered by Suricata...

CVE-2016-1956

Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service memory consumption or stack memory corruption by triggering use of a WebGL shader...

QEMU Denial of Service Vulnerability (CNVD-2016-01541)

QEMU is a simulation processor software developed by French programmer Fabrice Bellard. The software is fast and cross-platform. QEMU has a security vulnerability. Due to an error in the program's handling of requests for random number generation entropy. A local attacker exploited the...

CVE-2016-1977

The Machine::Code::decoder::analysis::setref function in Graphite 2 before 1.3.6, as used in Mozilla Firefox before 45.0 and Firefox ESR 38.x before 38.7, allows remote attackers to execute arbitrary code or cause a denial of service stack memory corruption via a crafted Graphite smart font...

CVE-2016-1956

Mozilla Firefox before 45.0 on Linux, when an Intel video driver is used, allows remote attackers to cause a denial of service memory consumption or stack memory corruption by triggering use of a WebGL shader...

FreeBSD : jasper -- multiple vulnerabilities (006e3b7c-d7d7-11e5-b85f-0018fe623f2b)

oCERT reports : The library is affected by a double-free vulnerability in function jasiccattrvaldestroy as well as a heap-based buffer overflow in function jp2decode. A specially crafted jp2 file can be used to trigger the vulnerabilities. oCERT reports : The library is affected by an off-by-one...

Network Time Protocol Private Mode 'reslist' Stack Memory Exhaustion Vulnerability

CERT VU357792 Summary An unauthenticated ntpdc reslist command can cause a segmentation fault in ntpd by exhausting the call stack. The following conditions must be met: 1. Mode 7 must be enabled. By default, mode 7 is disabled. 2. A large enough number of entries must be in the restrict lists to...

CVE-2007-0061

The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers ...

CVE-2011-3345

ulp/sdp/sdpproc.c in the ibsdp module aka ibsdp.ko in the ofakernel package in the InfiniBand driver implementation in OpenFabrics Enterprise Distribution OFED before 1.5.3 does not properly handle certain non-array variables, which allows local users to cause a denial of service stack memory...

CVE-2011-1173

The econetsendmsg function in net/econet/afeconet.c in the Linux kernel before 2.6.39 on the x8664 platform allows remote attackers to obtain potentially sensitive information from kernel stack memory by reading uninitialized data in the ah field of an Acorn Universal Networking AUN packet...

flash-plugin: multiple code execution issues fixed in APSB15-23

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service...

Memory corruption

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service...

Memory corruption

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service...

CVE-2015-5579

Adobe Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows and OS X and before 11.2.202.521 on Linux, Adobe AIR before 19.0.0.190, Adobe AIR SDK before 19.0.0.190, and Adobe AIR SDK & Compiler before 19.0.0.190 allow attackers to execute arbitrary code or cause a denial of service...

CVE-2015-5579

The CVE-2015-5579 entry concerns Adobe Flash Player and related AIR components. Affected components include Flash Player on Windows/OS X (before 18.0.0.241 and 19.x before 19.0.0.185) and Linux (before 11.2.202.521), Adobe AIR before 19.0.0.190, and the AIR SDK and AIR SDK & Compiler before 19.0....

CVE-2015-5567

CVE-2015-5567 describes a stack memory corruption vulnerability in Adobe Flash Player and Adobe AIR that could allow remote code execution or a denial of service. Affected software and versions (as stated): Flash Player before 18.0.0.241 and 19.x before 19.0.0.185 on Windows/OS X; Flash on Linux ...

Binary loopholes-the evil of the printf-bug warning-the black bar safety net

This article is binary vulnerabilities related series of articles. printf some of the lesser-known characteristics, for coding convenience, but also introduces security problems. This paper focus on the description of printf in the exploits of some of the usage, in the normal programming is not...