Lucene search

5093 matches found

RedhatCVE
added 2020/11/24 7:24 p.m. | 29 views

CVE-2020-27750

A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior in the form of values outside the range of types unsigned char and math division by...

CVSS 5.5 | AI score 2.6 | EPSS 0.00982
Exploits: 1 | References: 3

RedhatCVE
added 2020/11/24 7:24 p.m. | 19 views

CVE-2020-25675

A flaw was found in ImageMagick. Rounding calculations performed on unconstrained pixel offsets cause undefined behavior in the form of integer overflow and out-of-range values. Such issues could cause a negative impact to application availability or other problems related to undefined behavior,...

CVSS 4.3 | AI score 2.9 | EPSS 0.01072
Exploits: 1 | References: 3

RedhatCVE
added 2020/11/24 7:24 p.m. | 19 views

CVE-2020-25667

A flaw was found in TIFFGetProfiles in /coders/tiff.c: it calls strstr, which causes a large out-of-bounds read when it searches for "dc:format="image/dng" within profile due to improper string handling when a crafted input file is provided to ImageMagick. The patch uses a StringInfo type instead of...

CVSS 5.5 | AI score 1.9 | EPSS 0.01203
Exploits: 1 | References: 3

RedhatCVE
added 2020/11/24 7:24 p.m. | 33 views

CVE-2020-25665

A flaw was found in the PALM image coder at coders/palm.c where it makes an improper call to AcquireQuantumMemory in the WritePALMImage routine because it needs to be offset by 256. This issue causes an out-of-bounds read later on in the routine. The patch adds 256 to bytesperrow in the call to...

CVSS 5.5 | AI score 2.2 | EPSS 0.01016
Exploits: 1 | References: 3

RedhatCVE
added 2020/11/24 7:23 p.m. | 25 views

CVE-2020-25663

A flaw was found during a call to ConformPixelInfo in the SetImageAlphaChannel routine of /MagickCore/channel.c. This issue causes a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed or GetPixelBlue1 is called. This flaw can occur when an attacker can submit a malicious...

CVSS 5.5 | AI score 1.5 | EPSS 0.01101
Exploits: 1 | References: 4

RedhatCVE
added 2020/11/24 7:23 p.m. | 26 views

CVE-2020-25676

A flaw was found in ImageMagick. Multiple unconstrained pixel offset calculations produce undefined behavior in the form of out-of-range and integer overflows. These instances of undefined behavior could be triggered by an attacker who is able to supply a crafted input file. The highest threat from...

CVSS 5.5 | AI score 3 | EPSS 0.01172
Exploits: 1 | References: 3

RedhatCVE
added 2020/11/24 7:23 p.m. | 27 views

CVE-2020-25664

A flaw was found in ImageMagick. A specially crafted image could cause an out-of-bounds memory write leading to a crash. The highest threat from this vulnerability is to system availability...

CVSS 6.1 | AI score 2.4 | EPSS 0.0071
Exploits: 1 | References: 3

RedhatCVE
added 2020/11/24 4:32 p.m. | 49 views

CVE-2020-15437

A NULL pointer dereference flaw was found in the Linux kernel’s UART 8250 functionality, in the way certain hardware architectures handled situations where default ports 0x2E8, 0x2F8, 0x3E8, 0x3F8 are not available. This flaw allows a local user to crash the system. The highest threat from this...

CVSS 4.9 | AI score 5.6 | EPSS 0.00436
Exploits: 1 | References: 3

RedhatCVE
added 2020/11/24 1:52 p.m. | 24 views

CVE-2020-27780

A flaw was found in Linux-PAM in the way it handles empty passwords for non-existing users. When the user doesn't exist, PAM tries to authenticate with root and with an empty password, authentication is successful. The highest threat from this vulnerability is to confidentiality, integrity, as we...

CVSS 10 | AI score 3.2 | EPSS 0.01959
Exploits: 0 | References: 3

RedHat Linux
added 2020/11/24 1:10 p.m. | 4 views

nodejs-lodash: prototype pollution in zipObjectDeep function

A flaw was found in nodejs-lodash in versions 4.17.15 and earlier. A prototype pollution attack is possible which can lead to arbitrary code execution. The primary threat from this vulnerability is to data integrity and system availability...

CVSS 7.4 | AI score 7 | EPSS 0.05213
Exploits: 1 | References: 6

RedHat Linux
added 2020/11/24 11:11 a.m. | 2 views

kernel: out of bounds write in i2c driver leads to local escalation of privilege

An out-of-bounds write flaw was found in the i2c driver in the Linux kernel. This flaw allows an attacker to escalate privileges with system execution privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVSS 6.7 | AI score 7.3 | EPSS 0.00182
Exploits: 0 | References: 4

RedHat Linux
added 2020/11/24 11:7 a.m. | 2 views

bind: truncated TSIG response can lead to an assertion failure

A flaw was found in bind. An assertion failure can occur when trying to verify a truncated response to a TSIG-signed request. The highest threat from this vulnerability is to system availability...

CVSS 6.5 | AI score 6.8 | EPSS 0.05545
Exploits: 0 | References: 5

NVD
added 2020/11/23 10:15 p.m. | 24 views

CVE-2020-25660

A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the...

CVSS 8.8 | AI score 6.7 | EPSS 0.01022
Exploits: 0 | References: 5

NVD
added 2020/11/23 10:15 p.m. | 23 views

CVE-2020-25696

A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating...

CVSS 7.6 | AI score 8 | EPSS 0.02586
Exploits: 0 | References: 4

OSV
added 2020/11/23 10:15 p.m. | 30 views

CVE-2020-25696

A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating...

CVSS 7.5 | AI score 7.3
Exploits: 0 | References: 4

Prion
added 2020/11/23 10:15 p.m. | 66 views

Design/Logic Flaw

A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating...

CVSS 7.6 | AI score 8.1 | EPSS 0.02586
Exploits: 0 | References: 4 | Affected Software: 2

CVE
added 2020/11/23 9:18 p.m. | 308 views

CVE-2020-25660

The CVE-2020-25660 issue affects Cephx authentication in Ceph versions before 15.2.6 and before 14.2.14, where client verification can be bypassed, enabling replay attacks over the msgr2 protocol (affecting most Ceph communications; msgr1 is unaffected). An attacker with cluster-network access co...

CVSS 8.8 | AI score 6.9 | EPSS 0.01022
Exploits: 0 | References: 5 | Affected Software: 1

Cvelist
added 2020/11/23 9:18 p.m. | 36 views

CVE-2020-25660

A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the...

AI score 7.1 | EPSS 0.01022
Exploits: 0 | References: 5

Debian CVE
added 2020/11/23 9:18 p.m. | 42 views

CVE-2020-25660

A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the...

CVSS 8.8 | AI score 7.8 | EPSS 0.01022
Exploits: 0

AlpineLinux
added 2020/11/23 9:18 p.m. | 55 views

CVE-2020-25660

A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the...

CVSS 8.8 | AI score 7.2 | EPSS 0.01022
Exploits: 0