397 matches found
Adobe Flash Player Security Updates (APSB18-01) - Linux
Adobe Flash Player is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE =...
Adobe Flash Player Within Google Chrome Security Update (APSB18-01) - Mac OS X
Adobe Flash Player is prone to an information disclosure vulnerability.
Integer Overflow Vulnerability in KingView
KingView Configuration King is the first industrial configuration software product launched by Asian Controls in China. An integer overflow vulnerability exists in KingView due to a stgopenstorage read failure that returns an error code outside the range of int on 32-bit systems. An attacker can...
GraphicsMagick 'DrawImage' Function Denial of Service Vulnerability
GraphicsMagick is a simple set of image processing tools. The tool provides resizing, rotating, highlighting and other functions to images. A security vulnerability exists in the 'DrawImage' function of the magick/render.c file in GraphicsMagick version 1.3.26. A remote attacker can exploit this...
CVE-2017-12598
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case...
WildMIDI Denial of Service Vulnerability
WildMIDI is a free and open source software synthesizer that converts MIDI note data into an audio signal using GUS sound patches without the need for a GUS patch compatible sound card. A denial of service vulnerability exists in the _WM_SetupMidiEvent function in internal_midi.c:2122 in WildMIDI,...
DEBIAN-CVE-2017-12441
The row_is_empty function in base/4bitmap.c:274 in minidjvu 0.8 can cause a denial of service (invalid memory read and application crash) via a crafted djvu file...
CVE-2017-12599
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image file by using cv::imread...
Out-of-bounds
OpenCV (Open Source Computer Vision Library) through 3.3 has an out-of-bounds read error in the cv::RBaseStream::readBlock function in modules/imgcodecs/src/bitstrm.cpp when reading an image file by using cv::imread, as demonstrated by the 8-opencv-invalid-read-fread test case...
CVE-2017-12599
CVE-2017-12599 (OpenCV): OpenCV up to version 3.3 contains an out-of-bounds read in the function icvCvt_BGRA2BGR_8u_C4C3R when reading an image via cv::imread. Connected documents confirm this CVE appears in OpenCV-related advisories; the vulnerability is tied to reading image data and could tri...
gstreamer-plugins-good: Invalid memory read in gst_aac_parse_sink_setcaps
The gst_aac_parse_sink_setcaps function in gst/audioparsers/gstaacparse.c in gst-plugins-good in GStreamer before 1.10.3 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted audio file...
USN-3342-1: Linux kernel vulnerabilities
USN 3326-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux...
UBUNTU-CVE-2017-9221
The mp4ff_read_mdhd function in common/mp4ff/mp4atom.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.7 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted mp4 file...
Tenable SecurityCenter OpenSSL 1.0.2 < 1.0.2k Multiple Vulnerabilities (TNS-2017-04)
The Tenable SecurityCenter application installed on the remote host is missing a security patch. It is, therefore, affected by multiple vulnerabilities in the bundled version of OpenSSL: - A carry propagation error exists in the Broadwell-specific Montgomery multiplication procedure when handlin...
UBUNTU-CVE-2017-9130
The faacEncOpen function in libfaac/frame.c in Freeware Advanced Audio Coder (FAAC) 1.28 allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted wav file...
ALPINE-CVE-2017-9227
An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in mbc_enc_len() during regular expression searching. Invalid handling of reg->dmin in forward_search_range() could result in an invalid pointer...
CVE-2017-9114
In OpenEXR 2.2.0, an invalid read of size 1 in the refill function in ImfFastHuf.cpp could cause the application to crash...
MySQL 5.7.x < 5.7.18 Multiple Vulnerabilities (April 2017 CPU) (July 2017 CPU)
The version of MySQL running on the remote host is 5.7.x prior to 5.7.18. It is, therefore, affected by multiple vulnerabilities: - A carry propagation error exists in the OpenSSL component in the Broadwell-specific Montgomery multiplication procedure when handling input lengths divisible by but...