iOS version 10.1.x suffers from certificate file memory corruption vulnerability.
e7bbdbae617181e615d1a0d0eb5e94af
Apple macOS version 10.12.1 and iOS version 10 suffer from man-in-the-middle and denial of service issues with SecureTransport SSL handshakes.
c5b8b509efdfac6bc465c90103b25bc4
Apple's libc security update for OS X El Capitan version 10.11.2 has an incomplete fix.
fe1c63555847aae8ffd0309a67cf9bee
glibc catopen() suffers from multiple unbounded stack allocations.
29122a42dc712a3bab33f35587fc0f32
Magento versions 1.9.x suffer from a man-in-the-middle vulnerability.
d4629aef37844f685b215972a6c2c381
Mac OS X version 10.11 suffered from an FTS deep structure of the file system buffer overflow vulnerability.
675fdc1af0d659351253897581e4b48f
MacOS X 10.11 suffers from a hardlink bomb issue that causes resource exhaustion.
8c5414e45c6ca9b641f094c5a3f77d90
The MacOS X 10.11 FTS library suffers from a buffer overflow vulnerability.
9743ffd8cc8914fcc53cea6bc0727ce7
phpMyAdmin version 4.4.6 suffers from a man-in-the-middle vulnerability when reaching out to github's API.
81e9e5fd359dc67b1c3ad8ee81cdc874
GCC and CLANG C++11 regex functionality suffers from resource exhaustion issues.
51eecc302c75f2cb047fcabd7bfec661
Multiple vulnerabilities have been reported in HFS, including a hard linking issue that can be used to trigger a denial of service condition.
7abe9922ac9ab9a5db84f4be02f260a3
Mac OS X, Safari, Firefox and Kaspersky all suffer from a regular expression denial of service condition that was discovered long ago in regcomp().
88c2401f212d47291e03a6841a990296
ftpd on Mac OS X 10.8.3 suffers from a denial of service vulnerability. This appears to be an old vulnerability that has not been properly addressed.
94001b19568c07c69c7c414d0e13a01d
FreeBSD version 9.1 suffers from a remote ftpd denial of service vulnerability.
47f91c920f06be27556aed6412450760
cIFrex is a small script written in PHP that supports searching for bugs in the analysis of the source code. It uses a database of regular expressions.
a00aa8616264dfc91bfe29bc109dc94c
PHP versions 5.4 and 5.3 suffer from a deprecated eregi() memory_limit bypass vulnerability. Proof of concepts included.
0e2bd88a30f6eb4922b26eb8de7a90dc
PHP version 5.3.8 suffers from multiple NULL pointer dereference vulnerabilities.
bf292105d03f6ab7cae2bdbb9f964464
Recursion and bad memory management in BSD's libc/regcomp(3) can cause denial of service conditions.
b6c9f72bbcc0eb05bf0fe4ff6c3e7f9a
PHP version 5.3.6 suffers from a null pointer dereference vulnerability.
d9b449832cc8ca69a3e7f13a231f0024
PHP version 5.3.6 ZipArchive suffers from an invalid use of glob(3) vulnerability.
3e32f08383b3c3542c7b330e94eb4a54
NetBSD version 5.1 libc/net suffers from multiple buffer overflow vulnerabilities.
3ed028887b35b95f3e578b504cc48a86
Multiple vendors libc/fnmatch(3) suffer from a denial of service vulnerability. Affected software includes Apache 2.2.17, NetBSD 5.1, OpenBSD 4.8, FreeBSD, Mac OS X 10.6, and Sun Solaris 10. Apache proof of concept is included.
f3473d6423020b4e1327c5b4a2fc57fd
Multiple vendors are affected by a memory exhaustion vulnerability in libc/glob(3) GLOB_BRACE|GLOB_LIMIT.
5fafd1d9c86857aa20f16c8b110bb51a
libzip version 0.9.3 allows remote and local attackers to trigger a denial of service condition via a null pointer dereference if ZIP_FL_UNCHANGED flag is set.
c4d853d927057cdd4b9ae7ff98390369
Vsftpd version 2.3.2 proof of concept denial of service exploit.
09863966c8291875392d3c442e7bdde9