A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command.

**Have a question about this project?** Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Pick a username

Email Address

Password

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

CVE-2022-48541: Memory leak in identify -help · Issue #2889 · ImageMagick/ImageMagick

Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document.

'701846?cve=title' is not a valid bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2020-21890: Invalid Bug ID

A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file.

'701843?cve=title' is not a valid bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2020-21710: Invalid Bug ID

memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.

Expand Up @@ -1183,9 +1183,9 @@ bool resp\_has\_stack(conn \*c) {  
void out\_string(conn \*c, const char \*str) { size\_t len; assert(c != NULL); mc\_resp \*resp \= c\->resp;  
assert(c != NULL); // if response was original filled with something, but we're now writing // out an error or similar, have to reset the object first. // TODO: since this is often redundant with allocation, how many callers Expand Down Expand Up @@ -2604,7 +2604,6 @@ static enum try\_read\_result try\_read\_udp(conn \*c) {  
/\* If this is a multi-packet request, drop it. \*/ if (buf\[4\] != 0 || buf\[5\] != 1) { out\_string(c, "SERVER\_ERROR multi-packet request not supported"); return READ\_NO\_DATA\_RECEIVED; }  
Expand Down

CVE-2022-48571: udp: crash fix when receiving multi-packet uploads · memcached/memcached@6b319c8

A stack overflow vulnerability exists in function read_file in atlibeconf/lib/getfilecontents.c in libeconf 0.5.1 allows attackers to cause a Denial of service or execute arbitrary code.

#ifdef HAVE\_CONFIG\_H # include #endif #include #include #include "libeconf.h" /\* Test case: Open default login.defs from shadow and try out if we can read all entries \*/ int main(int argc, char \*argv\[\]) { econf\_file \*key\_file = NULL; char \*\*keys; size\_t key\_number; char \*val; econf\_err error; if ((error = econf\_readFile (&key\_file, argv\[1\], "= \\t", "#"))) { fprintf (stderr, "ERROR: couldn't read configuration file: %s\\n", econf\_errString(error)); return 1; } if ((error = econf\_getStringValue (key\_file, NULL, "USERGROUPS\_ENAB", &val))) { fprintf (stderr, "Error reading USERGROUPS\_ENAB: %s\\n", econf\_errString(error)); return 1; } else if (strlen(val) == 0) { fprintf (stderr, "USERGROUPS\_ENAB returns nothing!\\n"); return 1; } else if (strcmp (val, "yes") != 0) { fprintf (stderr, "USERGROUPS\_ENAB returns wrong value: '%s'\\n", val); return 1; } free (val); if ((error = econf\_getStringValue (key\_file, NULL, "ENV\_SUPATH", &val))) { fprintf (stderr, "Error reading ENV\_SUPATH: %s\\n", econf\_errString(error)); return 1; } else if (strlen(val) == 0) { fprintf (stderr, "ENV\_SUPATH returns nothing!\\n"); return 1; } else if (strcmp (val, "PATH=/sbin:/bin:/usr/sbin:/usr/bin") != 0) { fprintf (stderr, "ENV\_SUPATH returns wrong value: '%s'\\n", val); return 1; } free (val); if ((error = econf\_getStringValue (key\_file, "", "UMASK", &val))) { fprintf (stderr, "Error reading UMASK: %s\\n", econf\_errString(error)); return 1; } else if (strlen(val) == 0) { fprintf (stderr, "UMASK returns nothing!\\n"); return 1; } else if (strcmp (val, "022") != 0) { fprintf (stderr, "UMASK returns wrong value: '%s'\\n", val); return 1; } free (val); error = econf\_getKeys(key\_file, NULL, &key\_number, &keys); if (error) { fprintf (stderr, "Error getting all keys: %s\\n", econf\_errString(error)); return 1; } if (key\_number == 0) { fprintf (stderr, "No keys found?\\n"); return 1; } for (size\_t i = 0; i < key\_number; i++) { printf ("%zu: %s\\n", i, keys\[i\]); } econf\_free (keys); econf\_free (key\_file); return 0; }

CVE-2023-30079

Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash).

Self-registration is disabled due to spam issue (mail gorcunov@gmail.com or hpa@zytor.com to create an account)

'3392818?cve=title' is not a valid bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2023-38665: Invalid Bug ID

Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service.

Self-registration is disabled due to spam issue (mail gorcunov@gmail.com or hpa@zytor.com to create an account)

'3392812?cve=title' is not a valid bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2023-38667: Invalid Bug ID

Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash).

Self-registration is disabled due to spam issue (mail gorcunov@gmail.com or hpa@zytor.com to create an account)

'3392811?cve=title' is not a valid bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2023-38668: Invalid Bug ID

A memory consumption issue in get_data function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command.

'25362?cve=title' is not a valid bug number nor an alias to a bug.

Please press **Back** and try again.

CVE-2020-19724: Invalid Bug ID

An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals.

Tag

#dos