399 matches found
CVE-2020-26682
In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow...
CVE-2020-26682
In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow...
Integer overflow
In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow...
CVE-2020-26682
CVE-2020-26682 affects libass 0.14.0, where the call to outline_stroke inside ass_outline_construct can trigger a signed integer overflow. This vulnerability may cause a crash or, per multiple advisories, could enable arbitrary code execution under certain conditions. Several connected sources no...
CVE-2020-26682
In libass 0.14.0, the assoutlineconstruct's call to outlinestroke causes a signed integer overflow...
Fix of 227 CVE
Fix bug 69720: Null pointer dereference in phargetfpoffset - Fix bug 70728: Type Confusion Vulnerability in PHPtoXMLRPCworker - Fix bug 70661: Use After Free Vulnerability in WDDX Packet Deserialization - Fix bug 70741: Session WDDX Packet Deserialization Type Confusion Vulnerability - Fix bug...
CVE-2020-10024 ARM Platform Uses Signed Integer Comparison When Validating Syscall Numbers
The arm platform-specific code uses a signed integer comparison when validating system call numbers. An attacker who has obtained code execution within a user thread is able to elevate privileges to that of the kernel. See NCC-ZEP-001 This issue affects: zephyrproject-rtos zephyr version 1.14.0 a...
EulerOS Virtualization 3.0.2.2 : kernel (EulerOS-SA-2020-1269)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In the tun subsystem in the Linux kernel before 4.13.14, devgetvalidname is not called before registernetdevice. This allows loca...
MGASA-2020-0040 Updated libjpeg packages fix security vulnerabilities
The updated packages fix security vulnerabilities: A signed integer overflow and subsequent segfault that occurred when attempting to decompress images with more than 715827882 pixels using the 64-bit C version of TJBench. Out-of-bounds write in tjDecompressToYUV2 and tjDecompressToYUVPlanes...
CVE-2019-18805
An issue was discovered in net/ipv4/sysctlnetipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcpinput.c signed integer overflow in tcpackupdatertt when userspace writes a very large integer to /proc/sys/net/ipv4/tcpminrttwlen, leading to a denial of service or possibly unspecified...
FreeBSD : bro -- NULL pointer dereference and Signed integer overflow (f56669f5-d799-4ff5-9174-64a6d571c451)
Jon Siwek of Corelight reports : This is a security patch release to address potential Denial of Service vulnerabilities : - NULL pointer dereference in the RPC analysis code. RPC analyzers e.g. MOUNT or NFS are not enabled in the default configuration. - Signed integer overflow in BinPAC-generat...
QEMU: device_tree: heap buffer overflow while loading device tree blob
A heap buffer overflow issue was found in the loaddevicetree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...
QEMU: device_tree: heap buffer overflow while loading device tree blob
A heap buffer overflow issue was found in the loaddevicetree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...
QEMU: device_tree: heap buffer overflow while loading device tree blob
A heap buffer overflow issue was found in the loaddevicetree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...
QEMU: device_tree: heap buffer overflow while loading device tree blob
A heap buffer overflow issue was found in the loaddevicetree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...
QEMU: device_tree: heap buffer overflow while loading device tree blob
A heap buffer overflow issue was found in the loaddevicetree function of QEMU, which is invoked to load a device tree blob at boot time. It occurs due to device tree size manipulation before buffer allocation, which could overflow a signed int type. A user/process could use this flaw to potential...
CVE-2019-11072
lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burlnormalize2Ftoslashfix in burl.c. NOTE:...
PT-2019-5414 · Lighttpd +1 · Lighttpd +1
Name of the Vulnerable Software and Affected Versions: lighttpd versions prior to 1.4.54 Description: The issue is related to a signed integer overflow in lighttpd, which could allow remote attackers to cause a denial of service application crash or possibly have other unspecified impacts via a...
openSUSE Security Update : the Linux Kernel (openSUSE-2019-769)
The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2018-14633: A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in a way an authentication request from an ISCSI initiator is...
openSUSE Security Update : podofo (openSUSE-2019-66)
This update for podofo version 0.9.6 fixes the following issues : Security issues fixed : - CVE-2017-5852: Fix a infinite loop in PoDoFo::PdfPage::GetInheritedKeyFromObject PdfPage.cpp boo1023067 - CVE-2017-5854: Fix a NULL pointer dereference in PdfOutputStream.cpp boo1023070 - CVE-2017-5886: Fi...