16 matches found
kernel: Linux kernel: Denial of Service in authencesn due to too-short AAD
A flaw was found in the Linux kernel's authencesn authenticated encryption with associated data implementation. A remote attacker can exploit this vulnerability by providing a specially crafted Associated Additional Data with a length shorter than the expected minimum. This can lead to a NULL...
CVE-2025-67897
In Sequoia before 2.1.0, aeskeyunwrap panics if passed a ciphertext that is too short. A remote attacker can take advantage of this issue to crash an application by sending a victim an encrypted message with a crafted PKESK or SKESK packet...
Sequoia PGP 安全漏洞
Sequoia PGP is a Rust library open-sourced by sequoia-pgp. A security vulnerability exists in Sequoia PGP versions prior to 2.1.0, which stems from the fact that aeskeyunwrap crashes when passing too short a ciphertext, potentially crashing the application...
DEBIAN-CVE-2025-54874
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...
ALPINE-CVE-2025-54874
OpenJPEG is an open-source JPEG 2000 codec. In OpenJPEG from 2.5.1 through 2.5.3, a call to opjjp2readheader may lead to OOB heap memory write when the data stream pstream is too short and pimage is not initialized...
AZL-49878 CVE-2024-46861 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback RX callbacks can fail for multiple reasons: Payload too short Payload formatted incorrecly e.g. bad NCM framing Lack of memory None of these should cause the driver to seize u...
golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service
An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability...
SUSE CVE-2007-0008
Integer underflow in the SSLv2 support in Mozilla Network Security Services NSS before 3.11.5, as used by Firefox before 1.5.0.10 and 2.x before 2.0.0.2, SeaMonkey before 1.0.8, Thunderbird before 1.5.0.10, and certain Sun Java System server products before 20070611, allows remote attackers to...
SUSE CVE-2017-11450
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via JPEG data that is too short...
golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service
An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability...
golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service
An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability...
golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service
An uncontrolled resource consumption flaw was found in Golang math/big. A too-short encoded message can cause a panic in Float.GobDecode and Rat.GobDecode in math/big in Go, potentially allowing an attacker to create a denial of service, impacting availability...
DEBIAN-CVE-2022-32189
A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service...
Apache Hadoop Information Disclosure Vulnerability (CNVD-2017-36014)
Apache Hadoop is the U.S. Apache Apache Software Foundation's set of open source distributed systems infrastructure, it can be distributed processing of large amounts of data, and has high reliability, high scalability, high fault tolerance and other characteristics. A security vulnerability exis...
DEBIAN-CVE-2017-11450
coders/jpeg.c in ImageMagick before 7.0.6-1 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via JPEG data that is too short...
UBUNTU-CVE-2015-5288
The crypt function in contrib/pgcrypto in PostgreSQL before 9.0.23, 9.1.x before 9.1.19, 9.2.x before 9.2.14, 9.3.x before 9.3.10, and 9.4.x before 9.4.5 allows attackers to cause a denial of service server crash or read arbitrary server memory via a "too-short" salt...