397 matches found
Apple macOS Buffer Error Vulnerability
Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS that originates from a boundary condition when handling USB files in the Model I/O component of macOS. A local user can insert a specially crafted USB drive to...
PHP 7.4.x < 7.4.5 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is prior to 7.2.30, 7.3.x prior to 7.3.17, or 7.4.x prior to 7.4.5. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An...
Apple Mac OS X Security Update (HT211170 - 05)
Apple Mac OS X is prone to multiple vulnerabilities. Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Apple Mac OS X Security Update (HT211170 - 02)
Apple Mac OS X is prone to multiple vulnerabilities. Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
DEBIAN-CVE-2020-11048
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0...
PHP 7.2.x < 7.2.30 Multiple Vulnerabilities
According to its self-reported version number, the version of PHP running on the remote web server is 7.2.x prior to 7.2.30. It is, therefore, affected by multiple vulnerabilities: - An out-of-bounds read error exists in urldecode due to improper data validation checks. An attacker can exploit...
PHP 7.4.x < 7.4.4 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is prior to 7.2.29, 7.3.x prior to 7.3.16, or 7.4.x prior to 7.4.4. It is, therefore, affected by multiple vulnerabilities: - An improper null termination exists in get_headers due to a silent truncation after a null byte...
MGASA-2020-0058 Updated samba packages fix security vulnerabilities
The implementation of ACL inheritance in the Samba AD DC was not complete, and so absent a 'full-sync' replication, ACLs could get out of sync between domain controllers (CVE-2019-14902). When processing untrusted string input Samba can read past the end of the allocated buffer when printing a...
PHP 7.2.x < 7.2.26 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is prior to 7.2.26, 7.3.x prior to 7.3.13, or 7.4.x prior to 7.4.1. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to imprope...
PHP 7.3.x < 7.3.13 / 7.4.x < 7.4.1 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.13 or 7.4.x prior to 7.4.1. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to improper handling of...
PHP 7.2.x < 7.2.26 Multiple Vulnerabilities
According to its banner, the version of PHP running on the remote web server is 7.2.x prior to 7.2.26. It is, therefore, affected by multiple vulnerabilities: - An arbitrary file read vulnerability exists in link and DirectoryIterator class due to improper handling of embedded \0 byte character a...
Apple Xcode Arbitrary Code Execution Vulnerability (HT210796)
Apple Xcode is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:apple:xcode";...
Foxit Studio Photo < 3.6.6.913 Multiple Vulnerabilities
According to its self-reported version, the Foxit Studio Photo application installed on the remote Windows host is affected by multiple vulnerabilities: - An out-of-bounds read error exists in the TIF file handler when processing InkNames of TIFFSetField due to improper validation of user-supplied...
evince: uninitialized memory use in function tiff_document_render() and tiff_document_get_thumbnail()
The tiff_document_render and tiff_document_get_thumbnail functions in the TIFF document backend in GNOME Evince through 3.32.0 did not handle errors from TIFFReadRGBAImageOriented, leading to uninitialized memory use when processing certain TIFF image files...
Security Bulletin: Multiple vulnerabilities in Open Source Binutils and Open Source OpenSSL affect IBM Netezza Analytics
Summary: Open Source Binutils and OpenSSL are used by IBM Netezza Analytics. IBM Netezza Analytics has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2014-9939 DESCRIPTION: GNU Binutils is vulnerable to a denial of service, caused by a stack-based buffer overflow in ihex.c. By using...
CVE-2019-17389
In RIOT 2019.07, the MQTT-SN implementation asymcute mishandles errors occurring during a read operation on a UDP socket. The receive loop ends. This allows an attacker via a large packet to prevent a RIOT MQTT-SN client from working until the device is restarted...
PYSEC-2019-221
Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py...
DEBIAN-CVE-2019-14491
An issue was discovered in OpenCV before 3.4.7 and 4.x before 4.1.1. There is an out of bounds read in the function cv::predictOrdered in modules/objdetect/src/cascadedetect.hpp, which leads to denial of service...
macOS : Apple Safari < 11.1.1 Multiple Vulnerabilities
The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 11.1.1. It is, therefore, affected by multiple vulnerabilities. - A remote code execution vulnerability exists in WebKit due to improper memory handling. An unauthenticated, remote attacker can exploit this, via...
Google Chrome Security Updates (stable-channel-update-for-desktop_23-2019-04) - Mac OS X
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; if(description)...