Debian DLA-3054-1 : sleuthkit - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3054 advisory. - In The Sleuth Kit TSK 4.4.2, opening a crafted ISO 9660 image triggers an out-of-bounds read in iso9660procdir in tsk/fs/iso9660dent.c in libtskfs.a, as...

GPAC MP4Box Denial of Service Vulnerability

GPAC is a multimedia framework. A denial of service vulnerability exists in GPAC MP4Box version 1.1.0, which originates from a stack buffer overflow at src/utils/error.c:1769 that can be exploited by an attacker to cause a denial of service...

EulerOS 2.0 SP5 : libtiff (EulerOS-SA-2022-1900)

According to the versions of the libtiff packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out ...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2022-1900)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-41458

In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability...

CVE-2021-41458

In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability...

DEBIAN-CVE-2021-41458

In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability...

CVE-2021-41458

In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability...

CVE-2021-41458

In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability...

CVE-2021-41458

In GPAC MP4Box v1.1.0, there is a stack buffer overflow at src/utils/error.c:1769 which leads to a denial of service vulnerability...

CVE-2021-41458

CVE-2021-41458 affects GPAC MP4Box v1.1.0. Root cause is a stack buffer overflow at src/utils/error.c:1769, leading to a denial of service. Impact is stated as availability loss (Partial/High in some metrics; local or network vectors per sources). Remediation: upgrade GPAC to a version addressed ...

OSV-2022-476 Stack-buffer-overflow in simple_str_to_doublestr

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47986 Crash type: Stack-buffer-overflow WRITE 1 Crash state: simplestrtodoublestr icalvaluenewfromstring icalparseraddline...

OSV-2022-473 Stack-buffer-overflow in input_osc_52

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47964 Crash type: Stack-buffer-overflow READ 9 Crash state: inputosc52 inputexitosc inputparse...

OSV-2022-462 Stack-buffer-overflow in strcat

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47841 Crash type: Stack-buffer-overflow WRITE 5 Crash state: strcat TranslateNumber TranslateWord3...

CVE-2022-31031 Potential stack buffer overflow when parsing message as a STUN client

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their...

CVE-2022-31031

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their...

CVE-2022-31031 Potential stack buffer overflow when parsing message as a STUN client

PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions prior to and including 2.12.1 a stack buffer overflow vulnerability affects PJSIP users that use STUN in their...

dbus-broker-29 Memory Corruption

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Memory Corruption Vulnerabilities product: dbus-broker vulnerable version: dbus-broker-29 fixed version: dbus-broker-31 CVE number: CVE-2022-31212, CVE-2022-3121...

OSV-2022-452 Stack-buffer-overflow in parse_regex

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=47780 Crash type: Stack-buffer-overflow READ 1 Crash state: parseregex cliregex2suffix regexlistaddpattern...

Dell EMC iDRAC8 < 2.80.80.80 / Dell EMC iDRAC9 < 4.40.40.00 (DSA-2021-177)

The version of Dell EMC iDRAC8 or Dell EMC iDRAC9 installed on the remote host is affected by a vulnerability as referenced in the DSA-2021-177 advisory: - Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated...