143 matches found
[SECURITY] [DLA 2083-1] hiredis security update
Package : hiredis Version : 0.11.0-4+deb8u1 CVE ID : CVE-2020-7105 Debian Bug : 949995 It was discovered that there were a large number of NULL pointer dereferences due to unchecked return values from malloc and friends in hiredis, a minimalistic C client library. For Debian 8 "Jessie", these iss...
openSUSE: Security Advisory for libredwg (openSUSE-SU-2020:0068_1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0095-1 Security update for libredwg
This update for libredwg fixes the following issues: libredwg was updated to release 0.9.3: Added the -x,--extnames option to dwglayers for r13-r14 DWGs. Fixed some leaks: SORTENTSTABLE, PROXYENTITY.ownerhandle for r13. Add DICTIONARY.itemhandles for r13 and r14. Fixed some dwglayers null pointer...
Updated kernel packages fix security vulnerabilities
This update is based on upstream 5.4.6 and fixes various potential security issues related to buffer overflows, double frees, NUll pointer dereferences, improper / missing input validations and so on. It also adds other bugfixes all over the kernel. Other fixes added in this update: - x86/MCE/AMD...
RHEL 7 : kernel (RHSA-2019:2029)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2029 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: Kernel: vhostnet: infinite loop while...
Debian DLA-1841-1 : gpac security update
Three issues have been found for gpac, an Open Source multimedia framework. Two of them are NULL pointer dereferences and one of them is a heap-based buffer overflow. For Debian 8 'Jessie', these problems have been fixed in version 0.5.0+svn5324dfsg1-1+deb8u4. We recommend that you upgrade your...
Important: Red Hat Security Advisory: kernel security and bug fix update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
SUSE SLED15 / SLES15 Security Update : audiofile (SUSE-SU-2019:0940-1)
This update for audiofile fixes the following issues : Security issue fixed : CVE-2018-13440: Return AFFAIL instead of causing NULL pointer dereferences later bsc1100523. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...
SUSE SLES12 Security Update : kernel (SUSE-SU-2019:0828-1)
The SUSE Linux Enterprise 12 SP2 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc1129179. CVE-2019-9213: expanddownwards in mm/mmap.c...
[SECURITY] [DLA 1600-1] libarchive security update
Package : libarchive Version : 3.1.2-11+deb8u4 CVE ID : CVE-2015-8915 CVE-2016-8687 CVE-2016-8688 CVE-2016-8689 CVE-2016-10209 CVE-2016-10349 CVE-2016-10350 CVE-2017-5601 CVE-2017-14166 CVE-2017-14501 CVE-2017-14502 CVE-2017-14503 Debian Bug : 853278 875960 875974 875966 874539 840934 840935 8616...
Heap overflow
Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file because of incorrect j2kdecode, j2kreadeoc, and tcddecodetile interaction, a...
Debian: Security Advisory (DLA-1045-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-1116-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DLA-929-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-968-1 : libpodofo security update
Several heap-based buffer overflows and NULL pointer dereferences have been discovered in libpodofo, a library for manipulating PDF files, that allow remote attackers to cause a denial of service application crash or other unspecified impact via a crafted PDF document. For Debian 7 'Wheezy', thes...
ytnef 1.9 Multiple Vulnerabilities
Exploit for linux platform in category local exploits Multiple Vulnerabilities in ytnef ================================= Overview -------- Severity Rating: High Confirmed Affected Versions: 1.9 and earlier Confirmed Patched Versions: 1.9.1 Vendor: Yerase Vendor URL: https://github.com/Yeraze/ytn...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service DoS attacks. A malicious user can pass a long digit string in hex format to trigger an integer overflow, which can cause heap memory corruption or null pointer dereferences that can cause the system to crash...
SUSE SLES11 Security Update : jasper (SUSE-SU-2016:2776-1)
This update for jasper fixes the following issues: Security fixes : - CVE-2016-8887: NULL pointer dereference in jp2colrdestroy jp2cod.c bsc1006836 - CVE-2016-8886: memory allocation failure in jasmalloc jasmalloc.c bsc1006599 - CVE-2016-8884,CVE-2016-8885: two NULL pointer dereferences in...
Debian DLA-675-1 : potrace security update
Multiple vulnerabilities have been found in potrace. CVE-2013-7437 Multiple integer overflows in potrace 1.11 allow remote attackers to cause a denial of service crash via large dimensions in a BMP image, which triggers a buffer overflow. This bug was reported by Murray McAllister of the Red Hat...
Linux Kernel 3.10.0 (CentOS / RHEL 7.1) - 'Wacom' Multiple Nullpointer Dereferences
OS-S Security Advisory 2016-11 Linux wacom multiple Nullpointer Dereferences Date: March 4th, 2016 Authors: Sergej Schumilo, Hendrik Schwartke, Ralf Spenneberg CVE: not yet assigned CVSS: 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C Title: Multiple Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes ...