cassandra_macro (>=0.1.1 <=0.1.3), cdrs (>=0.1.0 <=4.0.0-beta.1) +19 more potentially affected by unknown CVE via lz4-compress (>=0.1.0 <=0.1.1)

lz4-compress CARGO version =0.1.0, =0.1.1, =0.1.0, =1.0.0, =0.3.3, =0.3.0, =0.1.0, =0.1.2 and more Source cves: unknown CVE Source advisory: OSV:RUSTSEC-2017-0007...

re2: Use-of-uninitialized-value in re2::Prog::Optimize

Project: https://code.googlesource.com/re2 Detailed report: https://oss-fuzz.com/testcase?key=6666938535116800 Project: re2 Fuzzer: libFuzzerre2fuzzer Fuzz target binary: re2fuzzer Job Type: libfuzzermsanre2 Platform Id: linux Crash Type: Use-of-uninitialized-value Crash Address: Crash State:...

DEBIAN-CVE-2017-5924

libyara/grammar.y in YARA 3.5.0 allows remote attackers to cause a denial of service use-after-free and application crash via a crafted rule that is mishandled in the yrcompilerdestroy function...

PT-2017-16761

Name of the Vulnerable Software and Affected Versions YARA version 3.5.0 Description The issue allows remote attackers to cause a denial of service, resulting in a use-after-free and application crash, by providing a crafted rule that is mishandled in the yr compiler destroy function...

DNSControl - Synchronize your DNS to multiple providers from a simple DSL

DNSControl is a system for maintaining DNS zones. It has two parts: a domain specific language DSL for describing DNS zones plus software that processes the DSL and pushes the resulting zones to DNS providers such as Route53, CloudFlare, and Gandi. It can talk to Microsoft ActiveDirectory and it...

Synchronize Your DNS to Multiple Providers: DNSControl

Synchronize Your DNS to Multiple Providers DNSControl is a system for maintaining DNS zones. It has two parts: a domain specific language DSL for describing DNS zones plus software that processes the DSL and pushes the resulting zones to DNS providers such as Route53, CloudFlare, and Gandi. It ca...

DEBIAN-CVE-2017-6430

The compiletree function in efcompiler.c in the Etterfilter utility in Ettercap 0.8.2 and earlier allows remote attackers to cause a denial of service out-of-bounds read via a crafted filter...

Integer overflow

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations...

ALPINE-CVE-2017-6312

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations...

CVE-2017-6312

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations...

CVE-2017-6312

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations...

CVE-2017-6312

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations...

Windows PE Binary Static Analysis Tool : BinSkim

Windows PE Binary Static Analysis Tool BinSkim is a binary static analysis tool that scans Windows Portable Executable PE files for security and correctness. Among the verifications performed by BinSkim are validations that the PE file has opted into all of the binary mitigations offered by the...

CVE-2017-6312

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations...

UBUNTU-CVE-2017-6312

Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and application crash via a crafted image entry offset in an ICO file, which triggers an out-of-bounds read, related to compiler optimizations...

Android Arbitrary class loading and instantiation in protobuf parcelable "javanano" compiler

The protobuf library includes the "javanano" compiler, commonly used in many Android applications due to its tiny resource footprint. The "javanano" compiler supports a variety of Android-specific compilation flags which can be used to modify the generated message classes. One such compilation fl...

UBUNTU-CVE-2016-3995

The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ aka cryptopp before 5.6.4 may be optimized out by the compiler, which allows attackers to conduct timing attacks...

Xen CMPXCHG8B Emulation Information Disclosure (XSA-200)

According to its self-reported version number, the Xen hypervisor installed on the remote host is missing a security update. It is, therefore, affected by an information disclosure vulnerability due to a flaw in the x86 instruction CMPXCHG8B when handling prefixes. This is triggered because legac...

openSUSE Security Update : lcms2 (openSUSE-2017-179)

This update for lcms2 to version 2.8 fixes the following issues : This security issue was fixed : - Fixed an out-of-bounds heap read in TypeMLURead that could be triggered by an untrusted image with a crafted ICC profile boo1021364. These non-security issues were fixed : - Fixed many typos in...

Mozilla Firefox ESR < 45.7 Multiple Vulnerabilities

Binary data 9928.prm...