OSV-2020-960 Use-of-uninitialized-value in prvTidyDecodeUTF8BytesToChar

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12656 Crash type: Use-of-uninitialized-value Crash state: prvTidyDecodeUTF8BytesToChar prvTidyGetUTF8 PPrintText...

SUSE-SU-2019:2891-2 Security update for python-ecdsa

This update for python-ecdsa to version 0.13.3 fixes the following issues: Security issues fixed: - CVE-2019-14853: Fixed unexpected exceptions during signature decoding bsc1153165. - CVE-2019-14859: Fixed a signature malleability caused by insufficient checks of DER encoding bsc1154217...

CVE-2020-11538

An out-of-bounds read/write flaw was found in python-pillow, in the way SGI RLE images are decoded. An application that uses python-pillow to decode untrusted images may be vulnerable. This flaw allows an attacker to crash the application or potentially execute code on the system. The highest...

OSV-2020-373 UNKNOWN READ in url_decode

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14501 Crash type: UNKNOWN READ Crash state: urldecode parsekeyvalues fuzzparsehttprequest...

DEBIAN-CVE-2020-10378

In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond state-buffer...

PYSEC-2020-80

In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311...

PYSEC-2020-77

In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond state-buffer...

UBUNTU-CVE-2020-10378

In libImaging/PcxDecode.c in Pillow before 7.1.0, an out-of-bounds read can occur when reading PCX files where state-shuffle is instructed to read beyond state-buffer...

CVE-2019-14062

Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables ...

CVE-2020-13902

ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding...

UBUNTU-CVE-2019-20840

An issue was discovered in LibVNCServer before 0.9.13. libvncserver/wsdecode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode...

h1-ctf: [H1-2006 2020] CTF Writeup

Summary: Multiple Vulnerabilities leading to full account takeover and access to restricted functions 1. Information Disclosure 2. Login 2FA Bypass 3. SSRF 4. Hardcoded validation 5. Sensitive information disclosure 6. Privilege Escalation 7. Payments 2FA Bypass through SSRF Steps To Reproduce: 0...

CVE-2020-13902

ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding...

CVE-2020-13902

ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding...

DEBIAN-CVE-2020-13902

ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding...

CVE-2020-13902

ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding...

CVE-2020-13902

CVE-2020-13902 entry is rejected; this CVE is not an active vulnerability.

DEBIAN-CVE-2020-13790

libjpeg-turbo 2.0.4, and mozjpeg 4.0.0, has a heap-based buffer over-read in getrgbrow in rdppm.c via a malformed PPM input file...

PT-2020-15098 · Huawei · Huawei +1

Name of the Vulnerable Software and Affected Versions: Huawei products affected versions not specified Description: The issue is related to out of bounds OOB read vulnerabilities in the implementation of the Common Open Policy Service COPS protocol. A specific decoding function may cause an...

PT-2020-15094 · Huawei · Huawei +1

Name of the Vulnerable Software and Affected Versions: Huawei products affected versions not specified Description: The issue is related to multiple out of bounds OOB read vulnerabilities in the implementation of the Common Open Policy Service COPS protocol. A specific decoding function may occur...