c-ares: 0-byte UDP payload Denial of Service

A vulnerability was found in c-ares. This issue occurs due to a 0-byte UDP payload that can cause a Denial of Service...

c-ares: 0-byte UDP payload Denial of Service

A vulnerability was found in c-ares. This issue occurs due to a 0-byte UDP payload that can cause a Denial of Service...

c-ares: 0-byte UDP payload Denial of Service

A vulnerability was found in c-ares. This issue occurs due to a 0-byte UDP payload that can cause a Denial of Service...

c-ares: 0-byte UDP payload Denial of Service

A vulnerability was found in c-ares. This issue occurs due to a 0-byte UDP payload that can cause a Denial of Service...

c-ares: 0-byte UDP payload Denial of Service

A vulnerability was found in c-ares. This issue occurs due to a 0-byte UDP payload that can cause a Denial of Service...

c-ares: 0-byte UDP payload Denial of Service

A vulnerability was found in c-ares. This issue occurs due to a 0-byte UDP payload that can cause a Denial of Service...

c-ares: 0-byte UDP payload Denial of Service

A vulnerability was found in c-ares. This issue occurs due to a 0-byte UDP payload that can cause a Denial of Service...

httpd: mod_dav: out-of-bounds read/write of zero byte

A flaw was found in the moddav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service...

CVE-2023-32067

...

openssl: double free after calling PEM_read_bio_ex

A double-free vulnerability was found in OpenSSL's PEMreadbioex function. The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" for example, "CERTIFICATE", any header data, and the payload data. If the function succeeds, then the "nameout," "header," and "data"...

httpd: mod_dav: out-of-bounds read/write of zero byte

A flaw was found in the moddav module of httpd. A specially crafted "If:" request header can cause a memory read or write of a single zero byte due to a missing error check, resulting in a Denial of Service...

openssl: double free after calling PEM_read_bio_ex

A double-free vulnerability was found in OpenSSL's PEMreadbioex function. The function PEMreadbioex reads a PEM file from a BIO and parses and decodes the "name" for example, "CERTIFICATE", any header data, and the payload data. If the function succeeds, then the "nameout," "header," and "data"...

SUSE CVE-2006-20001

A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier...

SUSE CVE-2013-6954

The pngdoexpandpalette function in libpng before 1.6.8 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via 1 a PLTE chunk of zero bytes or 2 a NULL palette, related to pngrtran.c and pngset.c...

SUSE CVE-2014-5120

gdctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the 1 imagegd, 2 imagegd2, 3 imagegif, 4 imagejpeg, 5...

SUSE CVE-2014-5355

MIT Kerberos 5 aka krb5 through 1.13.1 incorrectly expects that a krb5readmessage data field is represented as a string ending with a '\0' character, which allows remote attackers to 1 cause a denial of service NULL pointer dereference via a zero-byte version string or 2 cause a denial of service...

SUSE CVE-2015-2694

The kdcpreauth modules in MIT Kerberos 5 aka krb5 1.12.x and 1.13.x before 1.13.2 do not properly track whether a client's request has been validated, which allows remote attackers to bypass an intended preauthentication requirement by providing 1 zero bytes of data or 2 an arbitrary realm name,...

SUSE CVE-2016-8646

The hashaccept function in crypto/algifhash.c in the Linux kernel before 4.3.6 allows local users to cause a denial of service OOPS by attempting to trigger use of in-kernel hash algorithms for a socket that has received zero bytes of data...

SUSE CVE-2016-9448

The TIFFFetchNormalTag function in LibTiff 4.0.6 allows remote attackers to cause a denial of service NULL pointer dereference and crash by setting the tags TIFFSETGETC16ASCII or TIFFSETGETC32ASCII to values that access 0-byte arrays. NOTE: this vulnerability exists because of an incomplete fix f...

SUSE CVE-2017-1000257

An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that non-existing data with a pointer and the size zero to the deliver-data function. libcurl's deliver-data function treats zero as a mag...