255 matches found
SUSE CVE-2006-20001
A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier...
SUSE CVE-2013-6954
The pngdoexpandpalette function in libpng before 1.6.8 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via 1 a PLTE chunk of zero bytes or 2 a NULL palette, related to pngrtran.c and pngset.c...
SUSE CVE-2014-5120
gdctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the 1 imagegd, 2 imagegd2, 3 imagegif, 4 imagejpeg, 5...
SUSE CVE-2014-5355
MIT Kerberos 5 aka krb5 through 1.13.1 incorrectly expects that a krb5readmessage data field is represented as a string ending with a '\0' character, which allows remote attackers to 1 cause a denial of service NULL pointer dereference via a zero-byte version string or 2 cause a denial of service...
SUSE CVE-2015-2694
The kdcpreauth modules in MIT Kerberos 5 aka krb5 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing 1 zero bytes of data or 2 an arbitrary realm name,...
SUSE CVE-2016-8646
The hashaccept function in crypto/algifhash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service OOPS by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data...
SUSE CVE-2016-9448
The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service NULL pointer dereference and crash by setting the tags TIFFSETGETC16ASCII or TIFFSETGETC32ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix f...
SUSE CVE-2017-1000257
An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...
SUSE CVE-2022-4450
The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" e.g. "CERTIFICATE", any header data and the payload data. If the function succeeds then the "nameout", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...
PT-2023-32971 · Openssl · Openssl
Name of the Vulnerable Software and Affected Versions: OpenSSL versions prior to 1.1.0 Description: A double-free issue exists where a malicious PEM file with 0 bytes of payload data can cause a crash when parsed. This occurs because the file points to already freed memory, which when freed again...
ALPINE-CVE-2022-4450
The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" e.g. "CERTIFICATE", any header data and the payload data. If the function succeeds then the "nameout", "header" and "data" arguments are populated with pointers to buffers containing the relevant decoded data...
PT-2023-6757 · Apache +4 · Apache +4
Name of the Vulnerable Software and Affected Versions: ModSecurity versions prior to 2.9.7 Description: The issue is related to errors in security settings of the WAF engine for Apache ModSecurity. It may allow a remote attacker to bypass existing firewall rules. The problem also involves incorre...
CVE-2022-1841
In subsys/net/ip/tcp.c , function tcpflags , when the incoming parameter flags is ECN or CWR , the buf will out-of-bounds write a byte zero...
httpd: Single zero byte stack overflow in mod_auth_digest
A flaw was found in Apache httpd. The modauthdigest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
httpd: Single zero byte stack overflow in mod_auth_digest
A flaw was found in Apache httpd. The modauthdigest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
httpd: Single zero byte stack overflow in mod_auth_digest
A flaw was found in Apache httpd. The modauthdigest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
The vulnerability of the library for reading, creating, and editing DjVu files, DjVuLibre, is related to reading data beyond the allowed buffer limits, allowing an intruder to cause a service failure.
The vulnerability of the library for viewing, creating, and editing DjVu files in DjVuLibre is related to the lack of checks for zero bytes. Exploiting this vulnerability could allow a malicious actor to cause service failures...
Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2021-1961)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EasyApache 缓冲区错误漏洞
Apache HTTP Server is an open source web server from the Apache Foundation. The server is fast, reliable, and extensible via a simple API. Apache HTTP Server is vulnerable to a per-zero-byte stack overflow in modauthdigest, which can be exploited to trigger remote code execution or...
ALPINE-CVE-2020-27840
A flaw was found in samba. Spaces used in a string around a domain name DN, while supposed to be ignored, can cause invalid DN strings with spaces to instead write a zero-byte into out-of-bounds memory, resulting in a crash. The highest threat from this vulnerability is to system availability...