CVE-2023-30774

A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAGINKNAMES and TIFFTAGNUMBEROFINKS values...

Moderate: Red Hat Security Advisory: libtiff security update

An update for libtiff is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVE-2023-25006

A malicious actor may convince a user to open a malicious USD file that may trigger a use-after-free vulnerability which could result in code execution...

libtiff: out-of-bounds write in _TIFFmemset in libtiff/tif_unix.c

An out-of-bounds write flaw was found in the TIFFmemset function in libtiff/tifunix.c in the libtiff package. By persuading a victim to open a specially-crafted TIFF image file, a remote attacker could cause a denial of service condition...

[SECURITY] Fedora 37 Update: libheif-1.15.2-1.fc37

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF AV1 Image File Format file format decoder and encoder...

Fedora: Security Advisory for libheif (FEDORA-2023-440c8694e5)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for libheif (FEDORA-2023-fd63c401df)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for libheif (FEDORA-2023-e679ea4fa2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 38 Update: libheif-1.15.2-1.fc38

libheif is an ISO/IEC 23008-12:2017 HEIF and AVIF AV1 Image File Format file format decoder and encoder...

PortEx - Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness

PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header,...

Fedora 37 : lilypond / lilypond-doc (2023-fb8bc496c2)

The remote Fedora 37 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-fb8bc496c2 advisory. Fix for CVE-2020-17354 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for...

Fedora: Security Advisory for zchunk (FEDORA-2023-86dce75007)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-17354

LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, sa...

CVE-2020-17354

LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, sa...

[SECURITY] Fedora 37 Update: zchunk-1.3.1-1.fc37

zchunk is a compressed file format that splits the file into independent chunks. This allows you to only download the differences when downloading a new version of the file, and also makes zchunk files efficient over rsync. zchunk files are protected with strong checksums to verify that the file...

OpenImageIO Project OpenImageIO TGAInput::decode_pixel() out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2023-1708 OpenImageIO Project OpenImageIO TGAInput::decodepixel out-of-bounds read vulnerability March 30, 2023 CVE Number CVE-2023-22845 SUMMARY An out-of-bounds read vulnerability exists in the TGAInput::decodepixel functionality of OpenImageIO Project OpenImage...

radare2 资源管理错误漏洞

radare2 is a set of libraries and tools for working with binary files. radareorg A resource management error vulnerability exists in radare2 versions prior to 5.8.6, which stems from incorrectly parsing symbolic information in a COFF file, resulting in a segmentation error in at...

MP4v2 安全漏洞

MP4v2 is a library for creating, modifying, and reading MP4 files by enzo1982 individual developers. A security vulnerability exists in MP4v2 version 2.1.2, which stems from a security issue in the function DumpTrack in the file mp4trackdump.cpp, resulting in a denial of service...

Debian: Security Advisory (DLA-221-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE CVE-2006-3117

Heap-based buffer overflow in OpenOffice.org aka StarOffice 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-assisted attackers to execute arbitrary code via a crafted OpenOffice XML document that is not properly handled by 1 Calc, 2 Draw, 3 Impress, 4 Math, or 5 Writer, aka "File Format /...