zziplib: Memory leak triggered in the function __zzip_parse_root_directory in zip.c
An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack...
rubygems: Infinite loop vulnerability due to negative size in tar header causes Denial of Service
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains an infinite loop caused by negative size vulnerability in ruby gem package tar header that can...
qt5-qtbase: QBmpHandler segmentation fault on malformed BMP file
An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data...
gvfs: Incorrect authorization in admin backend allows privileged users to read and modify arbitrary files without prompting for password
An incorrect permission check in the admin backend in gvfs was found that allows reading and modifying arbitrary files by privileged users without asking for a password when no authentication agent is running. This vulnerability can be exploited by malicious programs running under privileges of users...
libssh2: Integer overflow in SSH packet processing channel resulting in out of bounds write
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit signal are parsed. A remote attacker who compromises an SSH server may be able to execute code on the client system when a user connects to the server...
Mozilla: Memory safety bugs fixed in Firefox 68 and Firefox ESR 60.8
Mozilla developers and community members reported memory safety bugs present in Firefox 67 and Firefox ESR 60.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could be exploited to run arbitrary code. This vulnerability affects...
CVE-2019-13312
blockcmp in libavcodec/zmbvenc.c in FFmpeg 4.1.3 has a heap-based buffer over-read...
libical: Type confusion in icaltimezone_get_vtimezone_properties function in icalproperty.c
A flaw in Thunderbird's implementation of iCal causes a type confusion in icaltimezone_get_vtimezone_properties when processing certain email messages, resulting in a crash. This vulnerability affects Thunderbird 60.7.1...
curl: Use-after-free when closing "easy" handle in Curl_close()
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the Curl_close function, the library code first frees a struct without nulling the pointer and might then subsequently...
flash-plugin: Same origin policy bypass leading to information disclosure
Adobe Flash Player version 32.0.0.192 and earlier versions have a Same Origin Policy Bypass vulnerability. Successful exploitation could lead to Information Disclosure in the context of the current user...
chromium-browser: Out of bounds read in Skia
Lack of correct bounds checking in Skia in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...
chromium-browser: parameter passing error in media player leading to unauthorized access
Parameter passing error in media in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
JDK: unspecified vulnerability fixed in 8u201 (Deployment)
Vulnerability in the Java SE component of Oracle Java SE subcomponent: Deployment. The supported version that is affected is Java SE: 8u192. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks...
flash-plugin: Arbitrary Code Execution vulnerability (APSB19-26)
Adobe Flash Player versions 32.0.0.171 and earlier, 32.0.0.171 and earlier, and 32.0.0.171 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution...
JDK: Read beyond the end of bytecode array causing JVM crash
In Eclipse OpenJ9 prior to the 0.14.0 release, the Java bytecode verifier incorrectly allows a method to execute past the end of bytecode array causing crashes. Eclipse OpenJ9 v0.14.0 correctly detects this case and rejects the attempted class load...
rubygems: Escape sequence injection vulnerability in verbose
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::UserInteraction#verbose calls say without escaping, escape sequence injection is possible...
[SECURITY] Fedora 30 Update: webkit2gtk3-2.24.1-1.fc30
WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform. This package contains WebKit2 based WebKitGTK for GTK 3...
chromium-browser: Integer overflow in PDFium
Integer overflow in PDFium in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially perform out of bounds memory access via a crafted PDF file...
chromium-browser: Type confusion in V8
Inappropriate optimization in V8 in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...
Apache HTTP Server component privilege escalation vulnerability alert
Recently, Apache officially released the Apache HTTP Server 2.4.39 update. This version fixes a privilege escalation vulnerability numbered CVE-2019-0211, rated high risk. According to the Sangfor security team, the vulnerability's impact severity, the...