200 matches found
CVE-2018-19497
In The Sleuth Kit TSK through 4.6.4, hfscattraverse in tsk/fs/hfs.c does not properly determine when a key length is too large, which allows attackers to cause a denial of service SEGV on unknown address with READ memory access in a tskgetu16 call in hfsdiropenmetacb in tsk/fs/hfsdent.c...
[ASA-201811-17] libtiff: multiple issues
Arch Linux Security Advisory ASA-201811-17 ========================================== Severity: High Date : 2018-11-20 CVE-ID : CVE-2017-9935 CVE-2017-11613 CVE-2018-18557 CVE-2018-18661 Package : libtiff Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-790 Summary...
CVE-2018-15378 Clam AntiVirus unmew11() Denial of Service Vulnerability
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service DoS condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11" function libclamav/mew.c, which can be exploited to trigger an invalid read memory access v...
CVE-2018-15378
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service DoS condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11" function libclamav/mew.c, which can be exploited to trigger an invalid read memory access v...
libxml2/libxml2_xml_read_memory_fuzzer: Heap-use-after-free in xmlSAX2AttributeNs
Project: https://gitlab.gnome.org/GNOME/libxml2.git Detailed report: https://oss-fuzz.com/testcase?key=5721921484750848 Project: libxml2 Fuzzer: libFuzzerlibxml2xmlreadmemoryfuzzer Fuzz target binary: libxml2xmlreadmemoryfuzzer Job Type: libfuzzerasanlibxml2 Platform Id: linux Crash Type:...
CVE-2018-8868
Medtronic 24950 MyCareLink Monitor and 24952 MyCareLink Monitor contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can exploit oth...
Apple macOS High Sierra Input Validation Vulnerability
Apple macOS High Sierra is a specialized operating system developed by Apple for Mac computers.Graphics driver is one of the graphics drivers. A security vulnerability exists in the Graphics driver component of Apple macOS High Sierra. The vulnerability can be exploited by an attacker to read...
Git Information Disclosure Vulnerability
Git is a free and open source distributed version control system designed to handle small to large projects with speed and efficiency. Git suffers from an information disclosure vulnerability due to a Git input validation flaw that can be exploited by an attacker to read the contents of randomize...
BSA-2018-601
Security Advisory ID : BSA-2018-601 Component : Kernel Revision : 1.0: Final In some circumstances, some operating systems or hypervisors may not expect or properly handle an Intel architecture hardware debug exception. The error appears to be due to developer interpretation of existing...
[ASA-201803-7] dovecot: multiple issues
Arch Linux Security Advisory ASA-201803-7 ========================================= Severity: High Date : 2018-03-06 CVE-ID : CVE-2017-14461 CVE-2017-15130 CVE-2017-15132 Package : dovecot Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-645 Summary ======= The packag...
CVE-2017-16910
An error within the "LibRaw::xtransinterpolate" function internal/dcrawcommon.cpp in LibRaw versions prior to 0.18.6 can be exploited to cause an invalid read memory access and subsequently a Denial of Service condition...
Libraw 0.18.5 Denial Of Service Vulnerability
Libraw version 0.8.15 suffers from a denial of service vulnerability. ====================================================================== LibRaw Multiple Denial of Service Vulnerabilities ====================================================================== Table of Contents Affected...
CVE-2017-14257
In the SDK in Bento4 1.5.0-616, AP4AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file...
CVE-2017-14261
In the SDK in Bento4 1.5.0-616, the AP4StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file...
Design/Logic Flaw
In the SDK in Bento4 1.5.0-616, AP4AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file...
Design/Logic Flaw
In the SDK in Bento4 1.5.0-616, the AP4StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file...
CVE-2017-14257
In the SDK in Bento4 1.5.0-616, AP4AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file...
CVE-2017-14261
In the SDK in Bento4 1.5.0-616, the AP4StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file...
CVE-2017-14261
In the SDK in Bento4 1.5.0-616, the AP4StszAtom class in Ap4StszAtom.cpp file contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file...
CVE-2017-14257
In the SDK in Bento4 1.5.0-616, AP4AtomSampleTable::GetSample in Core/Ap4AtomSampleTable.cpp contains a Read Memory Access Violation vulnerability. It is possible to exploit this vulnerability by opening a crafted .MP4 file...