48 matches found
SUSE-SU-2019:1712-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-11597: Fixed a heap-based buffer over-read in the WriteTIFFImage bsc1138464. - Fixed a file content disclosure via SVG and WMF decoding bsc1138425.- CVE-2019-11472: Fixed a denial of service in ReadXWDImage...
CVE-2019-11640
An issue was discovered in GNU recutils 1.8. There is a heap-based buffer overflow in the function recfexparsestrsimple at rec-fex.c in librec.a...
CVE-2018-19541
An issue was discovered in JasPer 1.900.8, 1.900.9, 1.900.10, 1.900.11, 1.900.12, 1.900.13, 1.900.14, 1.900.15, 1.900.16, 1.900.17, 1.900.18, 1.900.19, 1.900.20, 1.900.21, 1.900.22, 1.900.23, 1.900.24, 1.900.25, 1.900.26, 1.900.27, 1.900.28, 1.900.29, 1.900.30, 1.900.31, 2.0.0, 2.0.1, 2.0.2, 2.0....
THULAC Buffer Out-of-Bounds Read Vulnerability
THULAC is a Chinese lexical analysis toolkit introduced by the Natural Language Processing and Social Humanities Computing Laboratory of Tsinghua University, which supports Chinese word segmentation and lexical annotation functions. The 'NGramFeature::findbases ' function in the...
CVE-2017-9192
The CVE-2017-9192 entry affects AutoTrace 0.31.1: libautotrace.a contains a heap-based buffer overflow in the ReadImage function (input-tga.c:528:7). The detail is consistently reported across sources (NVD/Red Hat/SUSE/Nessus-style entries) as a heap overflow in ReadImage within libautotrace.a. T...
Mozilla: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList (MFSA 2016-85, MFSA 2016-86)
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via an...
SUSE-SA:2002:046: pine
The remote host is missing the patch for the advisory SUSE-SA:2002:046 pine. Pine, Program for Internet News and Email, is a well known and widely used eMail client. While parsing and escaping characters of eMail addresses pine does not allocate enough memory for storing the escaped mailbox part ...
Bug in mnogosearch-3.1.19
qitest1 security advisory 003 Bug in mnogosearch-3.1.19 and prior ----------------------------------------------- PROGRAM DESCRIPTION mnoGoSearch is a full-featured SQL based web search engine, available from http://www.mnogosearch.org. PROBLEM DESCRIPTION When receiving a too long query string q...