74 matches found
UBUNTU-CVE-2018-11206
An out of bounds read was discovered in H5Ofillnewdecode and H5Ofillolddecode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack...
DEBIAN-CVE-2018-10126
ijg-libjpeg before 9d, as used in tiff2pdf from LibTIFF and other products, does not check for a NULL pointer at a certain place in jpegfdct16x16 in jfdctint.c...
UBUNTU-CVE-2018-9009
In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file...
Code injection
A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by...
DEBIAN-CVE-2017-7868
International Components for Unicode ICU for C/C++ before 2017-02-13 has an out-of-bounds write caused by a heap-based buffer overflow related to the utf8TextAccess function in common/utext.cpp and the utextmoveIndex32 function...
UBUNTU-CVE-2016-10228
The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in the destination encoding TRANSLATE or IGNORE along with the -c option, enters an infinite loop when processing invalid multi-byte input sequences, leading to a denial of service...
ICU: integer signedness issue in IndicRearrangementProcessor (OpenJDK 2D, 8140543)
Unspecified vulnerability in the Java SE and Java SE Embedded components in Oracle Java SE 6u105, 7u91, and 8u66 and Java SE Embedded 8u65 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to 2D...
The vulnerability of the OpenSUSE operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the Mesa-libGLU-devel package in the openSUSE operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. This vulnerability can be exploited remotely...
Ubuntu 12.04 LTS / 12.10 / 13.10 : firefox vulnerabilities (USN-2150-1)
Benoit Jacob, Olli Pettay, Jan Varga, Jan de Mooij, Jesse Ruderman, Dan Gohman, Christoph Diehl, Gregor Wagner, Gary Kwong, Luke Wagner, Rob Fletcher and Makoto Kato discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker...
wireshark: TFTP dissector crash
The TFTP dissector in Wireshark formerly Ethereal 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service crash or memory consumption via a malformed packet, possibly related to a Cairo library bug...
Code injection
The TFTP dissector in Wireshark formerly Ethereal 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service crash or memory consumption via a malformed packet, possibly related to a Cairo library bug...
CVE-2008-1072
The TFTP dissector in Wireshark formerly Ethereal 0.6.0 through 0.99.7, when running on Ubuntu 7.10, allows remote attackers to cause a denial of service crash or memory consumption via a malformed packet, possibly related to a Cairo library bug...
Important: Red Hat Security Advisory: glibc security update
Updated glibc packages that fix a security flaw in the resolver as well as dlclose handling are now available. The GNU libc packages known as glibc contain the standard C libraries used by applications. A security audit of the glibc packages in Red Hat Enterprise Linux 2.1 found a flaw in the...
horde library bug - unchecked from-address
Hi, this bug we discovered recently. HORDE 1.2.0 $from-bug and how to exploit with IMP 2.2.0 Disclaimer: This is intended as a paper for sysadmins who want to secure their systems. It is NOT a how to for scriptkiddies to run any attack on a IMP-using site. The authors of this text will not be hel...