PT-2020-15094 · Huawei · Huawei +1

Name of the Vulnerable Software and Affected Versions: Huawei products affected versions not specified Description: The issue is related to multiple out of bounds OOB read vulnerabilities in the implementation of the Common Open Policy Service COPS protocol. A specific decoding function may occur...

PT-2020-15100 · Huawei · Huawei +1

Name of the Vulnerable Software and Affected Versions: Huawei products affected versions not specified Description: The issue is related to multiple out of bounds OOB read vulnerabilities in the implementation of the Common Open Policy Service COPS protocol. A specific decoding function may occur...

PT-2020-15099 · Huawei · Huawei +1

Name of the Vulnerable Software and Affected Versions: Huawei products affected versions not specified Description: The issue is related to multiple out of bounds OOB read vulnerabilities in the implementation of the Common Open Policy Service COPS protocol. A specific decoding function may cause...

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

DEBIAN-CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

UBUNTU-CVE-2019-19721

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service memory corruption via a crafted image file. NOTE: this may be related to the SDLImage product...

Code injection

An issue was discovered on Samsung mobile devices with O8.X, P9.0, and Q10.0 software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung ID is SVE-2020-16943 May 2020...

Denial Of Service (DoS)

pillow is vulnerable to denial of service. A bounds overflow bug in the PCX decoding allows an attacker to crash the application or potentially execute arbtirary code on the system...

Denial Of Service (DoS)

pillow is vulnerable to denial of service. A buffer overflow bug in the TIFF decoding allows an attacker to crash the application or potentially execute arbtirary code on the system...

OPENSUSE-SU-2020:0562-1 Security update for vlc

This update for vlc fixes the following issues: vlc was updated to version 3.0.9.2: + Misc: Properly bump the version in configure.ac. Changes from version 3.0.9.1: + Misc: Fix VLSub returning 401 for earch request. Changes from version 3.0.9: + Core: Work around busy looping when playing an...

Security update for vlc (moderate)

openSUSE Security Update: Security update for vlc Announcement ID: openSUSE-SU-2020:0545-1 Rating: moderate References: 1142161 1146428 Cross-References: CVE-2019-13602 CVE-2019-13962 CVE-2019-14437 CVE-2019-14438 CVE-2019-14498 CVE-2019-14533 CVE-2019-14534 CVE-2019-14535 CVE-2019-14776...

CVE-2019-14019

CVE-2019-14019 involves Qualcomm Snapdragon components across multiple SoCs. The root cause is a read overflows issue due to an improper length check when decoding RAU accept/PDN disconnect Modify EPS/ bearer resource allocations and related requests. The impact is a high/severe condition reporte...

CVE-2019-14011

CVE-2019-14011 concerns multiple Read overflow issues caused by improper length checks during decoding of 3G attach accept/SMS/PDN connection reject/esm data transport/bearer modify context reject in Qualcomm Snapdragon lineups (Auto, Compute, IoT, Wearables, etc.) across numerous SoCs and produc...

CVE-2019-12524

An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is...

PT-2020-6217 · Industrial Light & Magic +5 · Openexr +5

Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 2.4.1 Description: The issue is related to an out-of-bounds read during RLE uncompression in the rleUncompress function in ImfRle.cpp. This can potentially allow a remote attacker to cause a denial of service...

Denial Of Service (DoS)

pidgin is vulnerable to denial of service. Multiple NULL pointer dereference flaws were found in the way Pidgin handled Base64 decoding. A remote attacker could use these flaws to crash Pidgin if the target Pidgin user was using the Yahoo! Messenger Protocol, MSN, MySpace, or Extensible Messaging...

Arbitrary Code Execution

gstreamer-plugins-good is vulnerable to arbitrary code execution. The vulnerability exists as multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mov fil...