DEBIAN-CVE-2021-41253

Zydis is an x86/x86-64 disassembler library. Users of Zydis versions v3.2.0 and older that use the string functions provided in zycore in order to append untrusted user data to the formatter buffer within their custom formatter hooks can run into heap buffer overflows. Older versions of Zydis...

CVE-2021-41253 Possible heap buffer overflow when using zycore string functions in formatter hooks

Zydis is an x86/x86-64 disassembler library. Users of Zydis versions v3.2.0 and older that use the string functions provided in zycore in order to append untrusted user data to the formatter buffer within their custom formatter hooks can run into heap buffer overflows. Older versions of Zydis...

zydis -- heap buffer overflow

Zyantific reports: Zydis users of versions v3.2.0 and older that use the string functions provided in zycore in order to append untrusted user data to the formatter buffer within their custom formatter hooks can run into heap buffer overflows. Older versions of Zydis failed to properly initialize...

OSV-2020-2147 Use-of-uninitialized-value in stringNew

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27348 Crash type: Use-of-uninitialized-value Crash state: stringNew stringReplace pixSetText...

Fedora 28 : glibc (2018-060302dc83)

This update for the glibc package addresses one moderate security vulnerability and several defects. - CVE-2018-19591: A file descriptor leak in ifnametoindex can lead to a denial of service due to resource exhaustion when processing getaddrinfo calls with crafted host names. Reported by Guido...

CVE-2018-1000101

Mingw-w64 version 5.0.3 and earlier, 5.0.4, 6.0.0 and 7.0.0 contains an Improper Null Termination CWE-170 vulnerability in mingw-w64-crt libc-vsnprintf that can result in The bug may be used to corrupt subsequent string functions. This attack appear to be exploitable via Depending on the usage,...

ZHONE S3.0.501 - Multiple Remote Code Execution Vulnerabilities

ZHONE S3.0.501 - Multiple Remote Code Execution Vulnerabilities Vantage Point Security Advisory 2015-003 ======================================== Title: Multiple Remote Code Execution found in ZHONE Vendor: Zhone Vendor URL: http://www.zhone.com Device Model: ZHONE ZNID GPON 2426A 24xx, 24xxA,...

CVE-2011-1140

Multiple stack consumption vulnerabilities in the dissectmscompressedstring and dissectmscldapstring functions in Wireshark 1.0.x, 1.2.0 through 1.2.14, and 1.4.0 through 1.4.3 allow remote attackers to cause a denial of service infinite recursion via a crafted 1 SMB or 2 Connection-less LDAP CLD...

CVE-2009-4124

Heap-based buffer overflow in the rbstrjustify function in string.c in Ruby 1.9.1 before 1.9.1-p376 allows context-dependent attackers to execute arbitrary code via unspecified vectors involving 1 Stringljust, 2 Stringcenter, or 3 Stringrjust. NOTE: some of these details are obtained from third...

ruby -- heap overflow vulnerability

The official ruby site reports: There is a heap overflow vulnerability in Stringljust, Stringcenter and Stringrjust. This has allowed an attacker to run arbitrary code in some rare cases...

Ubuntu Update for php5 regression USN-424-2

Ubuntu Update for Linux kernel vulnerabilities USN-424-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN4242.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for php5 regression USN-424-2 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net...

Ubuntu Update for php5 vulnerabilities USN-424-1

Ubuntu Update for Linux kernel vulnerabilities USN-424-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4241.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for php5 vulnerabilities USN-424-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 regression (USN-424-2)

USN-424-1 fixed vulnerabilities in PHP. However, some upstream changes were not included, which caused errors in the stream filters. This update fixes the problem. We apologize for the inconvenience. Multiple buffer overflows have been discovered in various PHP modules. If a PHP application...

Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 vulnerabilities (USN-424-1)

Multiple buffer overflows have been discovered in various PHP modules. If a PHP application processes untrusted data with functions of the session or zip module, or various string functions, a remote attacker could exploit this to execute arbitrary code with the privileges of the web server...

PHP multiple DoS conditions

Crash on oversized strings in fnmatch, iconvsubstr, glob and setlocale functions...

USN-424-2: PHP regression

USN-424-1 fixed vulnerabilities in PHP. However, some upstream changes were not included, which caused errors in the stream filters. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple buffer overflows have been discovered in various PHP modules...