CVE-2015-6031
https://notcve.org/view.php?id=CVE-2015-6031
Buffer overflow in the IGDstartelt function in igd_desc_parse.c in the MiniUPnP client (aka MiniUPnPc) before 1.9.20150917 allows remote UPNP servers to cause a denial of service (application crash) and possibly execute arbitrary code via an "oversized" XML element name.
• http://lists.opensuse.org/opensuse-updates/2015-11/msg00122.html http://talosintel.com/reports/TALOS-2015-0035 http://www.debian.org/security/2015/dsa-3379 http://www.securityfocus.com/bid/77306 http://www.ubuntu.com/usn/USN-2780-1 http://www.ubuntu.com/usn/USN-2780-2 https://github.com/miniupnp/miniupnp/blob/master/miniupnpc/Changelog.txt https://github.com/miniupnp/miniupnp/commit/79cca974a4c2ab1199786732a67ff6d898051b78 https://security.gentoo.org/glsa/201801-08
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-3225 – rubygem-rack: Potential Denial of Service Vulnerability in Rack normalize_params()
https://notcve.org/view.php?id=CVE-2015-3225
lib/rack/utils.rb in Rack before 1.5.4 and 1.6.x before 1.6.2, as used with Ruby on Rails 3.x and 4.x and other products, allows remote attackers to cause a denial of service (SystemStackError) via a request with a large parameter depth. A flaw was found in the way Rack processed parameters of incoming requests. An attacker could use this flaw to send a crafted request that would cause an application using Rack to crash.
• http://lists.fedoraproject.org/pipermail/package-announce/2015-August/164173.html http://lists.fedoraproject.org/pipermail/package-announce/2015-August/165180.html http://lists.opensuse.org/opensuse-updates/2015-07/msg00040.html http://lists.opensuse.org/opensuse-updates/2015-07/msg00043.html http://lists.opensuse.org/opensuse-updates/2015-07/msg00044.html http://openwall.com/lists/oss-security/2015/06/16/14 http://rhn.redhat.com/errata/RHSA-2015-2290.html http://www.debian.org/security
• CWE-19: Data Processing Errors
• CWE-400: Uncontrolled Resource Consumption
CVE-2015-1283 – chromium-browser: Heap-buffer-overflow in expat.
https://notcve.org/view.php?id=CVE-2015-1283
Multiple integer overflows in the XML_GetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403.89 and other products, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted XML data, a related issue to CVE-2015-2716.
• http://googlechromereleases.blogspot.com/2015/07/stable-channel-update_21.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00006.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00010.html http://rhn.redhat.com/errata/RHSA-2015-1499.html http
• CWE-122: Heap-based Buffer Overflow
• CWE-190: Integer Overflow or Wraparound
CVE-2015-3451
https://notcve.org/view.php?id=CVE-2015-3451
The _clone function in XML::LibXML before 2.0119 does not properly set the expand_entities option, which allows remote attackers to conduct XML external entity (XXE) attacks via crafted XML data to the (1) new or (2) load_xml function.
• http://advisories.mageia.org/MGASA-2015-0199.html http://cpansearch.perl.org/src/SHLOMIF/XML-LibXML-2.0119/Changes http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157448.html http://lists.fedoraproject.org/pipermail/package-announce/2015-May/157740.html http://lists.opensuse.org/opensuse-updates/2015-09/msg00006.html http://www.debian.org/security/2015/dsa-3243 http://www.mandriva.com/security/advisories?name=MDVSA-2015:231 http://www.openwall.com/lists/oss-security/20
• CWE-611: Improper Restriction of XML External Entity Reference
CVE-2015-2305 – regex: heap overflow in regcomp() on 32-bit architectures
https://notcve.org/view.php?id=CVE-2015-2305
Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. A heap buffer overflow flaw was found in the regcomp() function of Henry Spencer's regular expression library. An attacker able to make an application process a specially crafted regular expression pattern with the regcomp() function could cause that application to crash and possibly execute arbitrary code.
• http://blog.clamav.net/2015/04/clamav-0987-has-been-released.html http://lists.apple.com/archives/security-announce/2015/Sep/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00002.html http://lists.opensuse.org/opensuse-updates/2015-05/msg00024.html http://marc.info/?l=bugtraq&m=143403519711434&w=2 http://openwall.com
• CWE-190: Integer Overflow or Wraparound