399 matches found
[slackware-security] expat
New expat packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/expat-2.4.3-i586-2slack14.2.txz: Rebuilt. Fix signed integer overflow in function XMLGetBuffer for when XMLCONTEXTBYTES i...
CVE-2022-23852
Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES...
CVE-2022-23852
Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES...
PT-2023-13229
Name of the Vulnerable Software and Affected Versions Libsndfile affected versions not specified Description The issue is related to multiple signed integers overflow in the au read header function in src/au.c and in the mat4 open and mat4 read header functions in src/mat4.c of Libsndfile. This...
Fix of CVE: CVE-2020-10543
CVE-2020-10543: fix signed integer overflow leading to heap buffer overrun...
Fix of CVE: CVE-2021-33574, CVE-2021-35942, CVE-2021-38604
Adopt pthreadattrcopy functionality, test case is included - CVE-2021-33574: avoid use-after-free vulnerability - CVE-2021-35942: avoid out-of-bounds read via signed integer overflow in array index - CVE-2021-38604: considered. No NULL pointer dereference is possible...
CVE-2021-31227
An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length,...
CVE-2021-31227
An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length,...
Heap overflow
An issue was discovered in HCC embedded InterNiche 4.0.1. A potential heap buffer overflow exists in the code that parses the HTTP POST request, due to an incorrect signed integer comparison. This vulnerability requires the attacker to send a malformed HTTP packet with a negative Content-Length,...
Integer overflow
TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on thi...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.504.2.el7 - md/raid1: properly indicate failure when ending a failed write request Paul Clements Orabug: 32887159 - video: hypervfb: Add ratelimit on error message Michael Kelley Orabug: 32856879 - Drivers: hv: vmbus: Initialize unloadevent statically Andrea Parri Microsoft Orabug:...
SUSE: Security Advisory (SUSE-SU-2021:0153-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2021:14598-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLED15 / SLES15 Security Update : libass (SUSE-SU-2021:0936-1)
This update for libass fixes the following issues : CVE-2020-26682: Fixed a signed integer overflow in the call to outlinestroke bsc1177862. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
openSUSE Security Update : libass (openSUSE-2021-472)
This update for libass fixes the following issues : - CVE-2020-26682: Fixed a signed integer overflow in the call to outlinestroke bsc1177862. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
SUSE-SU-2021:0936-1 Security update for libass
This update for libass fixes the following issues: - CVE-2020-26682: Fixed a signed integer overflow in the call to outlinestroke bsc1177862...
MGASA-2021-0017 Updated libass packages fix security vulnerability
In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow. CVE-2020-26682...
Denial Of Service (DoS)
imagemagick is vulnerable to denial of service. A signed integer overflow in MagickCore/histogram.c allows an attacker to crash the application...
Denial Of Service (DoS)
imagemagick is vulnerable to denial of service. A division by zero can lead to outside the range of representable value in MagickCore/geometry.c and signed integer overflow in MagickCore/decorate.c...
[ASA-202011-19] libass: arbitrary code execution
Arch Linux Security Advisory ASA-202011-19 ========================================== Severity: Medium Date : 2020-11-19 CVE-ID : CVE-2020-26682 Package : libass Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1285 Summary ======= The package libass before...