14 matches found
Allocation of Resources Without Limits or Throttling
Overview: Magick.NET-Q8-OpenMP-arm64 is a Magick.NET package that allows you to use ImageMagick without having to install ImageMagick on your server or desktop. For more information about specific builds, see the official docs: https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package...
HarfBuzz security vulnerability
HarfBuzz is an open source text engine for OpenType fonts. HarfBuzz versions before 12.3.0 have a security vulnerability: the SubtableUnicodesCache::create function does not check the hb_malloc return value, which may lead to null pointer dereferencing and...
GO-2025-4087 Unchecked memory allocation during vector deserialization in github.com/consensys/gnark-crypto
Unchecked memory allocation during vector deserialization in github.com/consensys/gnark-crypto...
gnark-crypto allows unchecked memory allocation during vector deserialization
The issue has been reported by @raefko from @fuzzinglabs. Excerpts from the report: A critical vulnerability exists in the gnark-crypto library's Vector.ReadFrom function that allows an attacker to trigger arbitrary memory allocation by crafting malicious input data. An attacker can cause the...
EUVD-2025-37035
gnark-crypto allows unchecked memory allocation during vector deserialization...
Denial Of Service (DoS)
net-imap is vulnerable to Denial Of Service (DoS). The vulnerability is caused by memory exhaustion from automatic and unchecked memory allocation when handling large 'literal' byte counts in server responses from untrusted IMAP servers...
The vulnerability of the `vidtv_s302m_encoder_init()` function in the `drivers/media/test-drivers/vidtv/vidtv_s302m.c` file of the Vidtv driver for the Linux operating system, which allows a hacker to cause a service failure.
The vulnerability of the vidtv_s302m_encoder_init function in the drivers/media/test-drivers/vidtv/vidtv_s302m.c file of the Vidtv driver for the Linux operating system is related to the lack of code checks for the vzalloc function's return value. Exploiting this vulnerability could allow an attacker...
SUSE CVE-2017-18210
In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked...
SUSE CVE-2022-3104
An issue was discovered in the Linux kernel through 5.16-rc6. lkdtm_ARRAY_BOUNDS in drivers/misc/lkdtm/bugs.c lacks a check of the return value of kmalloc and will cause a null pointer dereference...
kernel: sfc_ef100: NULL pointer dereference in ef100_update_stats()
An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks a check of the return value of kmalloc...
The vulnerability of the gsskrb5_extract_authz_data_from_sec_context_ex function in the gssapi module of the Secret Net Studio security system allows an attacker to cause a service failure.
The vulnerability of the gsskrb5_extract_authz_data_from_sec_context_ex function in the gssapi module of the Secret Net Studio security system is related to the lack of checks for the execution of the memory allocation command. Exploiting this vulnerability could allow a remote attacker to cause service...
CVE-2019-12378
An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash). NOTE: This has been disputed as not an issue...
xorg-x11-server: denial of service due to unchecked malloc in client authentication
It was found that the X.Org server did not properly handle SUN-DES-1 Secure RPC authentication credentials. A malicious, unauthenticated client could use this flaw to crash the X.Org server by submitting a specially crafted authentication request...
Re: [securityreason] *BSD libc (strfmon) Multiple vulnerabilities
On Mar 27, 2:09pm, [email protected] [email protected] wrote: -- Subject: securityreason BSD libc strfmon Multiple vulnerabilities ... stuff deleted ... | Problem exist also in printf function. | | Example code will show Integer Overflow . | | - ---example-start-- | include stdio.h | ...