
16 matches found

AstraLinux
added 2026/05/03 11:59 p.m., 2 views

Astra Linux - vulnerability in libsoup2.4

A flaw was discovered in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list function when parsing a quality list that contains elements with all zeros...

CVSS: 6.5, AI score: 7, EPSS: 0.00472
Exploits: 0, References: 2
RedHat Linux
added 2026/02/16 12:13 p.m., 1 views

kernel: Linux kernel: Information disclosure and denial of service in ntb_hw_switchtec module

A flaw was found in the Linux kernel. A local user could exploit a shift-out-of-bounds vulnerability within the ntb_hw_switchtec module. This vulnerability arises when the ntb_mw_clear_trans application programming interface (API) processes zero values for address and size, leading to an invalid memory...

CVSS: 7.1, AI score: 5.8, EPSS: 0.00015
Exploits: 0, References: 5
RedHat Linux
added 2025/05/06 3:43 p.m., 4 views

libsoup: Memory leak on soup_header_parse_quality_list() via soup-headers.c

A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list function when parsing a quality list that contains elements with all zeroes...

CVSS: 6.5, AI score: 7.3, EPSS: 0.00472
Exploits: 0, References: 5
OSV
added 2025/04/24 1:15 p.m., 3 views

AZL-61615 CVE-2025-46420 affecting package libsoup for versions less than 3.4.4-6

A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list function when parsing a quality list that contains elements with all zeroes...

CVSS: 6.5, AI score: 7.1, EPSS: 0.00472
Exploits: 0, References: 1
SUSE CVE
added 2025/04/24 11:32 a.m., 1 views

SUSE CVE-2025-46420

A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list function when parsing a quality list that contains elements with all zeroes...

CVSS: 6.5, AI score: 7.4, EPSS: 0.00472
Exploits: 0, References: 16
SUSE CVE
added 2023/02/15 5:19 a.m., 1 views

SUSE CVE-2015-3223

The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets...

CVSS: 5.3, AI score: 6.8, EPSS: 0.20255
Exploits: 0, References: 8
SUSE CVE
added 2023/02/15 5:5 a.m., 2 views

SUSE CVE-2016-2827

The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values...

CVSS: 6.5, AI score: 6.5, EPSS: 0.00448
Exploits: 0, References: 6
RedHat Linux
added 2021/08/31 8:31 a.m., 2 views

glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions

A flaw was found in glibc in versions prior to 2.32. Pseudo-zero values are not validated, causing a stack corruption due to a stack-based overflow. The highest threat from this vulnerability is to system availability...

CVSS: 5.5, AI score: 7.1, EPSS: 0.0005
Exploits: 1, References: 4
RedHat Linux
added 2020/11/04 1:6 a.m., 2 views

glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions

A flaw was found in glibc in versions prior to 2.32. Pseudo-zero values are not validated, causing a stack corruption due to a stack-based overflow. The highest threat from this vulnerability is to system availability...

CVSS: 5.5, AI score: 7.1, EPSS: 0.0005
Exploits: 1, References: 4
OSV
added 2016/09/22 10:59 p.m., 1 views

CVE-2016-2827

The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values...

CVSS: 6.5, AI score: 7
Exploits: 0, References: 5
OSV
added 2015/12/31 12:0 a.m., 0 views

UBUNTU-CVE-2015-7513

arch/x86/kvm/x86.c in the Linux kernel before 4.4 does not reset the PIT counter values during state restoration, which allows guest OS users to cause a denial of service (divide-by-zero error and host OS crash) via a zero value, related to the kvm_vm_ioctl_set_pit and kvm_vm_ioctl_set_pit2 functions...

CVSS: 6.5, AI score: 6.6, EPSS: 0.00091
Exploits: 0, References: 13
OSV
added 2015/12/29 10:59 p.m., 2 views

DEBIAN-CVE-2015-3223

The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets...

CVSS: 5.3, AI score: 8.9, EPSS: 0.20255
Exploits: 0, References: 1
UbuntuCve
added 2015/12/16 12:0 a.m., 25 views

CVE-2015-3223

The ldb_wildcard_compare function in ldb_match.c in ldb before 1.1.24, as used in the AD LDAP server in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3, mishandles certain zero values, which allows remote attackers to cause a denial of service (infinite loop) via crafted packets...

CVSS: 5.3, AI score: 6.8, EPSS: 0.20255
Exploits: 0, References: 4
RedHat Linux
added 2012/09/12 7:59 p.m., 2 views

(ospf6d): Denial of service by decoding malformed Database Description packet headers

The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database...

CVSS: 5, AI score: 7.4, EPSS: 0.04487
Exploits: 0, References: 4
NVD
added 2012/07/20 10:40 a.m., 9 views

CVE-2011-4587

lib/moodlelib.php in Moodle 1.9.x before 1.9.15, 2.0.x before 2.0.6, and 2.1.x before 2.1.3 does not properly handle certain zero values in the password policy, which makes it easier for remote attackers to obtain access by leveraging the possible existence of user accounts that have unchangeable...

CVSS: 6.8, AI score: 6.5, EPSS: 0.00666
Exploits: 0, References: 4
UbuntuCve
added 2011/10/10 12:0 a.m., 23 views

CVE-2011-3324

The ospf6_lsa_is_changed function in ospf6_lsa.c in the OSPFv3 implementation in ospf6d in Quagga before 0.99.19 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via trailing zero values in the Link State Advertisement (LSA) header list of an IPv6 Database...

CVSS: 5, AI score: 7.3, EPSS: 0.04487
Exploits: 0, References: 3