34 matches found
Insufficient Session Expiration in @cyyynthia/tokenize
Impact A bug introduced in version 1.1.0 made Tokenize generate faulty tokens with NaN as a generation date. As a result, tokens would not properly expire and remain valid regardless of the lastTokenReset field. Patches Version 1.1.3 contains a patch that'll invalidate these faulty tokens and mak...
Netwide Assembler Heap Buffer Over-Read Vulnerability
Netwide Assembler NASM is a portable, modular 80x86 and x86-64 assembler. A heap buffer over-read vulnerability exists in the tokenize function in asm/preproc.c in Netwide Assembler NASM 2.13.02rc2, for which there is currently no detailed vulnerability description...
Heap overflow
Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...
CVE-2018-8881
Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...
DEBIAN-CVE-2018-8881
Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...
CVE-2018-8881
Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...
CVE-2018-8881
Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...
CVE-2018-8881
CVE-2018-8881 affects Netwide Assembler (NASM) with a heap-based buffer over-read in the tokenize function (asm/preproc.c) caused by an unterminated string. Reported as part of NASM 2.13.02rc2 and related builds; OpenVAS/Nessus entries reiterate this CVE among a broad NASM set. No public remediat...
CVE-2018-8881
Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...
UBUNTU-CVE-2018-8881
Netwide Assembler NASM 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string...
AZL-12122 CVE-2017-11548 affecting package libao 1.2.0-24
The tokenizematrix function in audioout.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service memory corruption via a crafted MP3 file...
ALPINE-CVE-2017-11548
The tokenizematrix function in audioout.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service memory corruption via a crafted MP3 file...
DEBIAN-CVE-2017-11548
The tokenizematrix function in audioout.c in Xiph.Org libao 1.2.0 allows remote attackers to cause a denial of service memory corruption via a crafted MP3 file...
FreeBSD : SpamAssassin -- denial-of-service in tokenize_headers (0d3a5148-f512-11d8-9837-000c41e2cdad)
According to the SpamAssassin 2.64 release announcement : Security fix prevents a denial of service attack open to certain malformed messages; this DoS affects all SpamAssassin 2.5x and 2.6x versions to date. The issue appears to be triggered by overly long message headers. C Tenable Network...