librawspeed/SonyArw2DecompressorFuzzer: Use-of-uninitialized-value in rawspeed::RawImageData::checkMemIsInitialized
Project: https://github.com/darktable-org/rawspeed.git Detailed report: https://oss-fuzz.com/testcase?key=5404007393656832 Project: librawspeed Fuzzer: libFuzzerlibrawspeedSonyArw2DecompressorFuzzer Fuzz target binary: SonyArw2DecompressorFuzzer Job Type: libfuzzermsanlibrawspeed Platform Id: lin...
SUSE-SU-2017:2718-1 Security update for apache2
This update for apache2 fixes one issue. This security issue was fixed: - CVE-2017-9798: Prevent use-after-free use of memory that allowed for an information leak via OPTIONS bsc1058058...
SUSE-SU-2017:2542-1 Security update for apache2
This update for apache2 fixes the following security issue: - CVE-2017-9798: Prevent use-after-free use of memory that allowed for an information leak via OPTIONS bsc1058058...
The vulnerability of the Archive::ReadHeader15 function in the libunrar.a library, a tool for decompressing UnRAR files, allows a malicious actor to cause an unexpected termination of the application.
The vulnerability of the Archive::ReadHeader15 function in the libunrar.a library, a tool for decompressing UnRAR files, arises from an operation that reads memory beyond the buffer boundaries when calling EncodeFileName::Decode. Exploiting this...
SDX - Memory Showing Less Than Expected on GUI
Memory is showing as 32 GB instead of the expected 48 GB on SVM GUI...
DEBIAN-CVE-2017-12602
OpenCV (Open Source Computer Vision Library) through 3.3 has a denial of service (memory consumption) issue, as demonstrated by the 10-opencv-dos-memory-exhaust test case...
CVE-2017-9789
When under stress, closing many connections, the HTTP/2 handling code in Apache httpd 2.4.26 would sometimes access memory after it has been freed, resulting in potentially erratic behaviour...
SUSE-SU-2017:1763-1 Security update for clamav
This update for clamav fixes the following issues: Security issue fixed: - CVE-2012-6706: Fixed an arbitrary memory write in VMSFDELTA filter in libclamunrar bsc1045490 Non security issue fixed: - Fix permissions of /var/spool/amavis. bsc815106...
CVE-2017-9192
The CVE-2017-9192 entry affects AutoTrace 0.31.1: libautotrace.a contains a heap-based buffer overflow in the ReadImage function (input-tga.c:528:7). The detail is consistently reported across sources (NVD/Red Hat/SUSE/Nessus-style entries) as a heap overflow in ReadImage within libautotrace.a. T...
gnutls: Use-of-uninitialized-value in gnutls_pkcs12_verify_mac
Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://oss-fuzz.com/testcase?key=5921522709430272 Project: gnutls Fuzzer: libFuzzergnutlspkcs12keyparserfuzzer Fuzz target binary: gnutlspkcs12keyparserfuzzer Job Type: libfuzzermsangnutls Platform Id: linux Crash Type:...
CVE-2017-8804
The xdr_bytes and xdr_string functions in the GNU C Library (aka glibc or libc6) 2.25 mishandle failures of buffer deserialization, which allows remote attackers to cause a denial of service (virtual memory allocation, or memory consumption if an overcommit setting is not used) via a crafted UDP packet...
Mozilla: Heap-use-after-free in mozilla::a11y::DocAccessible::ProcessInvalidationList (MFSA 2016-85, MFSA 2016-86)
Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an...
USN-3041-1 oxide-qt vulnerabilities
Multiple security issues were discovered in Chromium. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service (application crash) or execute arbitrary code. CVE-2016-1705 It was discovered...
Google Chrome Skia memory misreference vulnerability (CNVD-2016-03807)
Google Chrome is a popular web browser. A memory misreference vulnerability in Google Chrome Skia allows remote attackers to crash the application or execute arbitrary code by constructing a malicious web page and tricking users into parsing it...
OpenSSL: Fix memory issues in BIO_*printf functions
Several flaws were found in the way BIO_*printf functions were implemented in OpenSSL. Applications which passed large amounts of untrusted data through these functions could crash or potentially execute code with the permissions of the user running such an application...
SUSE-SU-2016:1149-1 Security update for freetype2
This update of the freetype2 library fixes two security issues: - An infinite loop in parse_encoding in t1load.c (CVE-2014-9745, bsc945849) - Use of uninitialized memory in ps_parser_load_field, t42_parse_font_matrix and t1_parse_font_matrix (CVE-2014-9747, bsc947966)...
MGASA-2016-0149 Updated java-1.8.0-openjdk packages fix security vulnerabilities
Updated java-1.8.0-openjdk packages fix security vulnerabilities: Multiple flaws were discovered in the Serialization and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions CVE-2016-0686, CVE-2016-0687. It wa...
CVE-2015-6175
The kernel in Microsoft Windows 10 Gold allows local users to gain privileges via a crafted application, aka "Windows Kernel Memory Elevation of Privilege Vulnerability."...
PT-2015-2833 · Adobe +3 · Air Sdk & Compiler +7
Name of the Vulnerable Software and Affected Versions: Adobe Integrated Runtime versions affected versions not specified Adobe Flash Player versions affected versions not specified Adobe AIR versions affected versions not specified Adobe AIR SDK versions affected versions not specified Adobe AIR...
USN-2724-1 qemu, qemu-kvm vulnerabilities
It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2014-9718 Donghai Zhu discovered that QEMU...