148 matches found
SUSE SLED15 / SLES15 Security Update : openexr (SUSE-SU-2020:3934-1)
This update for openexr fixes the following issues : Security issues fixed : CVE-2020-16587: Fixed a heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp bsc1179879. CVE-2020-16588: Fixed a NULL pointer deference in generatePreview bsc1179879. CVE-2020-16589: Fixed...
Security update for openexr (moderate)
openSUSE Security Update: Security update for openexr Announcement ID: openSUSE-SU-2020:2351-1 Rating: moderate References: 1179879 Cross-References: CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 Affected Products: openSUSE Leap 15.2 An update that fixes three vulnerabilities is now available...
Security update for openexr (moderate)
openSUSE Security Update: Security update for openexr Announcement ID: openSUSE-SU-2020:2349-1 Rating: moderate References: 1179879 Cross-References: CVE-2020-16587 CVE-2020-16588 CVE-2020-16589 Affected Products: openSUSE Leap 15.1 An update that fixes three vulnerabilities is now available...
SUSE-SU-2020:3934-1 Security update for openexr
This update for openexr fixes the following issues: Security issues fixed: - CVE-2020-16587: Fixed a heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp bsc1179879. - CVE-2020-16588: Fixed a null pointer deference in generatePreview bsc1179879. - CVE-2020-16589:...
SUSE SLES12 Security Update : openexr (SUSE-SU-2020:3931-1)
This update for openexr fixes the following issues : Security issues fixed : CVE-2020-16587: Fixed a heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp bsc1179879. CVE-2020-16588: Fixed a NULL pointer deference in generatePreview bsc1179879. CVE-2020-16589: Fixed...
SUSE-SU-2020:3931-1 Security update for openexr
This update for openexr fixes the following issues: Security issues fixed: - CVE-2020-16587: Fixed a heap-based buffer overflow in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp bsc1179879. - CVE-2020-16588: Fixed a null pointer deference in generatePreview bsc1179879. - CVE-2020-16589:...
Denial Of Service (DoS)
openexr is vulnerable to denial of service. The vulnerability exists through a Null Pointer Deference in generatePreview in makePreview.cpp which allows an attacker to crash the application via malicious input...
Debian: Security Advisory (DLA-2491-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2020-16588
A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file...
CVE-2020-16588
The CVE-2020-16588 entry concerns a Null Pointer Deference in OpenEXR 2.3.0 (generatePreview in makePreview.cpp) that can lead to denial of service via a crafted EXR file. Connected sources show multiple distributions releasing fixes (e.g., Debian openexr updates addressing CVE-2020-16588; openSU...
CVE-2020-16588
A Null Pointer Deference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file...
Debian DLA-2183-1 : libgsf security update
It was discovered that there was a NULL pointer deference exploit in libgsf, a I/O abstraction library for GNOME. An error within the 'tardirectoryforfile' function could be exploited to trigger a NULL pointer dereference and subsequently cause a crash via a crafted TAR file. For Debian 8 'Jessie...
Debian: Security Advisory (DLA-2183-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : httpd (EulerOS-SA-2020-1359)
According to the versions of the httpd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the...
CVE-2020-6095
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerabili...
CVE-2020-6095
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerabili...
CVE-2020-6095
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerabili...
Vulnerability Spotlight: Denial-of-service vulnerability in GStreamer
Peter Wang of Cisco ASIG discovered this vulnerability. Blog by Jon Munshaw. Cisco Talos recently discovered a denial-of-service vulnerability in GStreamer, a pipeline-based multimedia framework. GStreamer contains gst-rtsp-server, an open-source library that allows the user to build RTSP servers...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2017-1071)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Windows 10 BasicRender.sys - Denial of Service Exploit
Exploit Title: Microsoft Windows 10 BasicRender.sys - Denial of Service PoC Exploit author: vportal Vendor homepage: http://www.microsoft.com Version: Windows 10 1803 x86 Tested on: Windows 10 1803 x86 CVE: N/A A Null pointer deference exists in the WARPGPUCMDSYNC function of the BasicRender.sys...