CVE-2020-3616

Buffer overflow in display function due to memory copy without checking length of size using strcpy function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017,...

CVE-2020-3616

CVE-2020-3616 describes a buffer overflow in Qualcomm Snapdragon display code caused by a memory copy using strcpy without length checking. Affected products include Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, and Wearables across APQ8017/8053/8096AU/8098, ...

CVE-2020-3610

Possibility of double free of the drawobj that is added to the drawqueue array of the context during IOCTL commands as there is no refcount taken for this object in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IO...

CVE-2019-14078

CVE-2019-14078: Out-of-bounds memory access during processing of qpay due to failure to validate the length of the response buffer. Affected components are Qualcomm Snapdragon families (Snapdragon Auto/Compute/Consumer IoT/Industrial IoT/Mobile/Voice & Music/Wired Infrastructure & Networking) acr...

CVE-2019-14077

CVE-2019-14077 is a memory-about-out-of-bounds issue in Snapdragon SoCs where an ese transmit command can corrupt memory by using a user-supplied Response buffer. Affected products span Qualcomm-based hardware in Snapdragon Auto/Compute/Connectivity/IoT/Industrial IoT, including various Snapdrago...

CVE-2019-14043

Out of bound read in Fingerprint application due to requested data is being used without length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure a...

CVE-2019-14038

CVE-2019-14038 is a buffer over-read in the ADSP parse function caused by a missing check for sufficient data payload in a Qualcomm Snapdragon ADSP command response. Affected are Snapdragon products across multiple lines (Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, We...

Debian DLA-2222-1 : libexif security update

Various minor vulnerabilities have been addredd in libexif, a library to parse EXIF metadata files. CVE-2018-20030 This issue had already been addressed via DLA-2214-1. However, upstream provided an updated patch, so this has been followed up on. CVE-2020-13112 Several buffer over-reads in EXIF...

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

ALPINE-CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

Design/Logic Flaw

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

UBUNTU-CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

CVE-2020-13114

CVE-2020-13114 affects libexif up to version 0.6.21, where an unrestricted size in handling Canon EXIF MakerNote data can cause excessive compute time during EXIF decoding (DoS). Affected component: libexif (exif-data.c/maker-note handling). Impact described across multiple advisories: potential ...

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

Multiple Vulnerabilities in Hitachi Compute Systems Manager

Overview Multiple vulnerabilities have been found in Hitachi Compute Systems Manager. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...