Lucene search
K

34 matches found

Github Security Blog
Github Security Blog
added 2021/11/10 4:44 p.m.10 views

Insufficient Session Expiration in @cyyynthia/tokenize

Impact A bug introduced in version 1.1.0 made Tokenize generate faulty tokens with NaN as a generation date. As a result, tokens would not properly expire and remain valid regardless of the lastTokenReset field. Patches Version 1.1.3 contains a patch that'll invalidate these faulty tokens and mak...

2.2AI score
Exploits0References2Affected Software1
CNVD
CNVD
added 2018/03/21 12:0 a.m.3 views

Netwide Assembler Heap Buffer Over-Read Vulnerability

Netwide Assembler NASM is a portable, modular 80x86 and x86-64 assembler. A heap buffer over-read vulnerability exists in the tokenize function in asm/preproc.c in Netwide Assembler NASM 2.13.02rc2, for which there is currently no detailed vulnerability description...

7.3CVSS7.1AI score0.01128EPSS
Exploits0References1
Prion
Prion
added 2018/03/20 11:29 p.m.21 views

Heap overflow

Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...

6.8CVSS7AI score0.01128EPSS
Exploits0References4Affected Software2
ATTACKERKB
ATTACKERKB
added 2018/03/20 11:29 p.m.6 views

CVE-2018-8881

Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...

7.3CVSS5.8AI score0.01128EPSS
Exploits0References6
OSV
OSV
added 2018/03/20 11:29 p.m.2 views

DEBIAN-CVE-2018-8881

Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...

7.3CVSS7.2AI score0.01128EPSS
Exploits0References1
NVD
NVD
added 2018/03/20 11:29 p.m.20 views

CVE-2018-8881

Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...

7.3CVSS5.7AI score0.01128EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/03/20 11:0 p.m.28 views

CVE-2018-8881

Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...

6.2AI score0.01128EPSS
Exploits0References4
CVE
CVE
added 2018/03/20 11:0 p.m.154 views

CVE-2018-8881

CVE-2018-8881 affects Netwide Assembler (NASM) with a heap-based buffer over-read in the tokenize function (asm/preproc.c) caused by an unterminated string. Reported as part of NASM 2.13.02rc2 and related builds; OpenVAS/Nessus entries reiterate this CVE among a broad NASM set. No public remediat...

7.3CVSS6.1AI score0.01128EPSS
Exploits0References4Affected Software1
UbuntuCve
UbuntuCve
added 2018/03/20 12:0 a.m.24 views

CVE-2018-8881

Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...

7.3CVSS6.9AI score0.01128EPSS
Exploits0References2
OSV
OSV
added 2018/03/20 12:0 a.m.1 views

UBUNTU-CVE-2018-8881

Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...

7.3CVSS6.8AI score0.01128EPSS
Exploits0References3
OSV
OSV
added 2017/07/31 1:29 p.m.5 views

AZL-12122 CVE-2017-11548 affecting package libao 1.2.0-24

The tokenizematrix function in audioout.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service memory corruption via a crafted MP3 file...

5.5CVSS6AI score0.03855EPSS
Exploits3References1
OSV
OSV
added 2017/07/31 1:29 p.m.2 views

ALPINE-CVE-2017-11548

The tokenizematrix function in audioout.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service memory corruption via a crafted MP3 file...

5.5CVSS6.7AI score0.03855EPSS
Exploits3References1
OSV
OSV
added 2017/07/31 1:29 p.m.0 views

DEBIAN-CVE-2017-11548

The tokenizematrix function in audioout.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service memory corruption via a crafted MP3 file...

5.5CVSS6.7AI score0.03855EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2004/08/23 12:0 a.m.17 views

FreeBSD : SpamAssassin -- denial-of-service in tokenize_headers (0d3a5148-f512-11d8-9837-000c41e2cdad)

According to the SpamAssassin 2.64 release announcement : Security fix prevents a denial of service attack open to certain malformed messages; this DoS affects all SpamAssassin 2.5x and 2.6x versions to date. The issue appears to be triggered by overly long message headers. C Tenable Network...

5CVSS5.3AI score0.01943EPSS
Exploits0References4
Rows per page
Query Builder