ae.vigilancer.android-run-app:ae.vigilancer.android-run-app.gradle.plugin (>=1.0.1 <=1.0.2), aero.m-click:mcpdf (>=0.2.3 <=0.2.4) +6769 more potentially affected by CVE-2016-1000344 via org.bouncycastle:bcprov-jdk15on (>=1.46 <=1.55)

org.bouncycastle:bcprov-jdk15on MAVEN version =1.46, =1.0.1, =0.2.3, =0.42.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.1, =1.4.3 and more Source cves: CVE-2016-1000344 Source advisory: OSV:GHSA-2J2X-HX4G-2GF4...

CVE-2018-17439

An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5Sextentgetdims in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file...

CVE-2018-14460

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Osdspacedecode in H5Osdspace.c...

UBUNTU-CVE-2018-14435

ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c...

Design/Logic Flaw

An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5Olinkdecode in H5Olink.c...

CVE-2018-13869

An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5Olinkdecode in H5Olink.c...

CVE-2018-13843

An issue has been found in HTSlib 1.8. It is a memory leak in bgzfgetline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library such as test/testbgzf.c in the original report and is not a library issue...

UBUNTU-CVE-2018-7749

The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step...

CVE-2017-3107

Adobe Experience Manager 6.3 and earlier has a misconfiguration vulnerability...

CVE-2017-9183

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:309:7...

UBUNTU-CVE-2017-9185

libautotrace.a in AutoTrace 0.31.1 has a "cannot be represented in type int" issue in input-bmp.c:319:7...

MGASA-2017-0054 Updated mariadb packages fix security vulnerability

Root Privilege Escalation CVE-2016-6664. Unspecified vulnerability affecting the Optimizer component CVE-2017-3238. Unspecified vulnerability affecting the Charsets component CVE-2017-3243. Unspecified vulnerability affecing the DML component CVE-2017-3244. Unspecified vulnerability affecting...

SUSE-SU-2017:0412-1 Security update for mariadb

This mariadb version update to 10.0.29 fixes the following issues: - CVE-2017-3318: unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3312: insecure error log file handling in mysqldsafe, incomplete...

SUSE-SU-2017:0408-1 Security update for mysql

This mysql version update to 5.5.54 fixes the following issues: - CVE-2017-3318: Unspecified vulnerability affecting Error Handling bsc1020896 - CVE-2017-3317: Unspecified vulnerability affecting Logging bsc1020894 - CVE-2017-3313: Unspecified vulnerability affecting the MyISAM component bsc10208...

UBUNTU-CVE-2017-2576

In Moodle 2.x and 3.x, there is incorrect sanitization of attributes in forums...

UBUNTU-CVE-2015-4663

Bulletin has no description...

MGASA-2015-0486 Updated mediawiki packages fix security vulnerabilities

Updated mediawiki packages fix security vulnerabilities: In MediaWiki before 1.23.12, an XSS vector exists when MediaWiki is configured with a non-standard configuration, from wikitext when $wgArticlePath='$1' CVE-2015-8622. In MediaWiki before 1.23.12, tokens were being compared as strings, whic...

Buffer overflow

Unspecified vulnerability in Oracle Java SE 7u60 and 8u5 allows remote attackers to affect confidentiality via unknown vectors related to Libraries...

OpenJDK: Better ScriptEngineManager ScriptEngine management (Libraries, 8036794)

Unspecified vulnerability in Oracle Java SE 6u71, 7u51, and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries...

OpenJDK: Incorrect NIO channel separation (Libraries, 8026716)

Unspecified vulnerability in Oracle Java SE 7u51 and 8, and Java SE Embedded 7u51, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Libraries, a different vulnerability than CVE-2014-0432 and CVE-2014-0455...