538 matches found
Denial of service
An issue was discovered in libjpeg 9a and 9d. The allocsarray function in jmemmgr.c allows remote attackers to cause a denial of service divide-by-zero error via a crafted file...
Updated libsndfile packages fix security vulnerabilities
An out of bounds read in the function d2alawarray in alaw.c of libsndfile 1.0.28 may lead to a remote DoS attack or information disclosure, related to mishandling of the NAN and INFINITY floating-point values CVE-2017-14245. An out of bounds read in the function d2ulawarray in ulaw.c of libsndfil...
CVE-2018-11212
An issue was discovered in libjpeg 9a and 9d. The allocsarray function in jmemmgr.c allows remote attackers to cause a denial of service divide-by-zero error via a crafted file...
CVE-2014-8130
The TIFFmalloc function in tifunix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tifwrite.c, as demonstrated by...
Updated TiMidity++ packages fix security vulnerabilities
The insertnotesteps function in readmidi.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service divide-by-zero error and application crash via a crafted mid file. NOTE: a crash might be relevant when using the --background option CVE-2017-11546. The resamplegauss function in...
openSUSE Security Update : ghostscript (openSUSE-2018-157)
This update for ghostscript fixes several security issues : - CVE-2017-9835: The gsallocrefarray function allowed remote attackers to cause a denial of service heap-based buffer overflow and application crash or possibly have unspecified other impact via a crafted PostScript document bsc1050879. ...
SUSE-SU-2018:0351-1 Recommended update for libsndfile
This update for libsndfile fixes a memory leak in an error path.bsc1038856 - CVE-2017-16942: A divide-by-zero error exists in the function wavw64readfmtchunk in wavw64.c, which may lead to DoS when playing a crafted audio file. bsc1069874 - CVE-2017-14634: In libsndfile 1.0.28, a divide-by-zero...
Amazon Linux AMI : kernel (ALAS-2017-937) (Dirty COW)
A flaw was found in the patches used to fix the 'dirtycow' vulnerability CVE-2016-5195. An attacker, able to run local code, can exploit a race condition in transparent huge pages to modify usually read-only huge pages. CVE-2017-1000405 Linux kernel Virtualization Module CONFIGKVM for the Intel...
CVE-2017-17381
The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service divide-by-zero error and QEMU process crash by unsetting vring alignment while updating Virtio rings...
CVE-2017-17381
The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service divide-by-zero error and QEMU process crash by unsetting vring alignment while updating Virtio rings...
CVE-2017-17381
The Virtio Vring implementation in QEMU allows local OS guest users to cause a denial of service divide-by-zero error and QEMU process crash by unsetting vring alignment while updating Virtio rings...
Denial Of Service (DoS)
aubio is vulnerable to denial of service DoS attacks. An attacker can pass a malicious audio file to the newaubiosourcewavread function in sourcewavread.c, leading to a divide-by-zero error...
CVE-2017-17054
In aubio 0.4.6, a divide-by-zero error exists in the function newaubiosourcewavread in sourcewavread.c, which may lead to DoS when playing a crafted audio file...
PYSEC-2017-75
In aubio 0.4.6, a divide-by-zero error exists in the function newaubiosourcewavread in sourcewavread.c, which may lead to DoS when playing a crafted audio file...
Code injection
In aubio 0.4.6, a divide-by-zero error exists in the function newaubiosourcewavread in sourcewavread.c, which may lead to DoS when playing a crafted audio file...
CVE-2017-17054
In aubio 0.4.6, a divide-by-zero error exists in the function newaubiosourcewavread in sourcewavread.c, which may lead to DoS when playing a crafted audio file...
CVE-2017-17054
In aubio 0.4.6, a divide-by-zero error exists in the function newaubiosourcewavread in sourcewavread.c, which may lead to DoS when playing a crafted audio file...
CVE-2017-17054
In aubio 0.4.6, a divide-by-zero error exists in the function newaubiosourcewavread in sourcewavread.c, which may lead to DoS when playing a crafted audio file...
Code injection
In libsndfile 1.0.25 fixed in 1.0.26, a divide-by-zero error exists in the function wavw64readfmtchunk in wavw64.c, which may lead to DoS when playing a crafted audio file...
CVE-2017-16942
In libsndfile 1.0.25 fixed in 1.0.26, a divide-by-zero error exists in the function wavw64readfmtchunk in wavw64.c, which may lead to DoS when playing a crafted audio file...