CVE-2019-14940

CVE-2019-14940 affects SPDK prior to 19.07, where a user of a vhost can cause a crash by sending invalid input to the target. The root cause is an input validation issue in SPDK’s vhost handling, leading to an availability impact (crash) with network-accessible exposure implied by the CVSS data. ...

SUSE SLED12 / SLES12 Security Update : bzip2 (SUSE-SU-2019:2013-1)

This update for bzip2 fixes the following issues : Fixed a regression with the fix for CVE-2019-12900, which caused incompatibilities with files that used many selectors bsc1139083. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

Moderate: Red Hat Security Advisory: java-1.7.0-openjdk security update

An update for java-1.7.0-openjdk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

PT-2022-8603 · Unknown +2 · Platinum Upnp Sdk +2

Name of the Vulnerable Software and Affected Versions: Platinum Upnp SDK versions prior to 1.2.1 Description: The issue allows for a directory traversal attack, which could be exploited by sending a malicious URL, such as "http://ip:port/../privacy.avi", to compromise a victim's privacy. This cou...

EDK2 Stack Buffer Overflow Vulnerability

EDK2 is a set of cross-platform firmware development environment based on UEFI and PI specifications. A buffer overflow vulnerability in the stack exists in EDK2. A remote attacker could exploit this vulnerability to run arbitrary code in the context of an affected application or possibly cause a...

EDK2 Security Bypass Vulnerability

EDK2 is a set of cross-platform firmware development environment based on UEFI and PI specifications. A security bypass vulnerability exists in EDK2. A remote attacker could exploit this vulnerability to cause an affected application to crash, resulting in a denial of service or bypass security...

Microsoft DirectWrite / AFDKO - Multiple Bugs in OpenType Font Handling Related to the "post" Table

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readStrings

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

Microsoft DirectWrite AFDKO - Stack-Based Buffer Overflow in do_set_weight_vector_cube for Large nAxes

Microsoft DirectWrite AFDKO - Stack-Based Buffer Overflow in dosetweightvectorcube for Large nAxes -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library...

Microsoft DirectWrite AFDKO - Heap-Based Buffer Overflow Due to Integer Overflow in readTTCDirectory

Microsoft DirectWrite AFDKO - Heap-Based Buffer Overflow Due to Integer Overflow in readTTCDirectory -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling libra...

Microsoft DirectWrite AFDKO - Stack Corruption in OpenType Font Handling Due to Negative nAxes

Microsoft DirectWrite AFDKO - Stack Corruption in OpenType Font Handling Due to Negative nAxes -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library...

Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Negative nAxes

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

Microsoft DirectWrite AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readEncoding

Microsoft DirectWrite AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readEncoding -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library...

Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow Due to Integer Overflow in readTTCDirectory

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readFDSelect

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

The vulnerability of the Intel Data Center Manager SDK, related to access control deficiencies, allows a perpetrator to disclose protected information.

The vulnerability of the Intel Data Center Manager SDK development tools is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by these tools...

The vulnerability in the Intel Data Center Manager SDK toolset, related to key management errors, allows a hacker to disclose sensitive information that is protected by the software.

The vulnerability of the Intel Data Center Manager SDK development tools is related to key management errors. Exploiting this vulnerability can allow an attacker to disclose sensitive information that is protected by these tools...

The vulnerability of the Intel Data Center Manager SDK software development tools, related to access control deficiencies, allows a perpetrator to disclose protected information.

The vulnerability of the Intel Data Center Manager SDK development tools is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to disclose sensitive information that is protected by these tools...

The vulnerability of the installation mechanism for the software development tools for Intel Data Center Manager SDK allows unauthorized access, enabling attackers to enhance their privileges.

The vulnerability of the installation mechanism for the software development tools for Intel Data Center Manager SDK is related to errors in processing input data. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the Intel Data Center Manager SDK software development tools, related to access control deficiencies, allows attackers to enhance their privileges.

The vulnerability of the Intel Data Center Manager SDK development tools is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to enhance their privileges...