Lucene search
K

32 matches found

Vulnrichment
Vulnrichment
added 2018/07/31 10:0 p.m.5 views

CVE-2016-8617

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPTUSERNAME...

3.3CVSS7.4AI score0.00593EPSS
Exploits0References12
CVE
CVE
added 2018/07/31 10:0 p.m.162 views

CVE-2016-8617

CVE-2016-8617 affects libcurl’s base64 encoding path. The output buffer is allocated as insize * 4 / 3 + 4 without checks, which on 32‑bit user-space systems can wrap when input size reaches ≥1 GB. This under-allocated buffer may be overflowed as the full encoded data is written. Systems with 64‑...

7CVSS7.8AI score0.00593EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2018/07/31 10:0 p.m.28 views

CVE-2016-8617

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPTUSERNAME...

3.3CVSS6.7AI score0.00593EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2017/12/26 12:0 a.m.34 views

F5 Networks BIG-IP : libcurl vulnerability (K44503763)

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPTUSERNAME. CVE-2016-8617 Impact This vulnerability may allow an attacker to overwrite memory behind the output buffer. C Tenable...

7CVSS6.8AI score0.00593EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2016/11/02 8:47 a.m.34 views

CVE-2016-8617

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPTUSERNAME...

7CVSS4.9AI score0.00593EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2016/11/02 12:0 a.m.31 views

CVE-2016-8617

The base64 encode function in curl before version 7.51.0 is prone to a buffer being under allocated in 32bit systems if it receives at least 1Gb as input via CURLOPTUSERNAME...

7CVSS6.8AI score0.00593EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2014/10/15 12:0 a.m.51 views

Microsoft Windows FAT32 Disk Partition Driver Privilege Escalation Vulnerability (2998579)

This host is missing an important security update according to Microsoft Bulletin MS14-063. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

7.2CVSS5AI score0.02882EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2013/03/21 5:46 p.m.3 views

boost: ordered_malloc() overflow

Integer overflow in the orderedmalloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be allocated than expected...

5CVSS7.5AI score0.03889EPSS
Exploits1References4
OSV
OSV
added 2012/07/25 7:55 p.m.1 views

DEBIAN-CVE-2005-4895

Multiple integer overflows in TCMalloc tcmalloc.cc in gperftools before 0.4 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large size value, which causes less memory to be allocated than expected...

5CVSS7AI score0.01141EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2011/02/08 12:0 a.m.35 views

Adobe Acrobat Reader U3D Texture Parser ILBM Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

9CVSS4.2AI score0.06417EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2010/10/18 12:0 a.m.18 views

IBM Informix Dynamic Server librpc.dll Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of IBM Informix Dynamic Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RPC protocol parsing library, librpc.dll, utilized by the ISM Portmapper...

10CVSS7.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2009/01/07 1:38 p.m.2 views

lcms: unsigned -> signed integer cast issue in cmsAllocGamma

Integer signedness error in the cmsAllocGamma function in src/cmsgamma.c in Little cms color engine aka lcms before 1.17 allows attackers to have an unknown impact via a file containing a certain "number of entries" value, which is interpreted improperly, leading to an allocation of insufficient...

10CVSS5.8AI score0.02162EPSS
Exploits0References4
Rows per page
Query Builder