461 matches found
EulerOS Virtualization for ARM 64 3.0.5.0 : libcroco (EulerOS-SA-2020-1076)
According to the versions of the libcroco package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The cr_parser_parse_selector_core function in cr-parser.c in libcroco 0.6.12 allows remote attackers to cause a denial of...
CVE-2019-19930
In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation...
EulerOS 2.0 SP5 : libcroco (EulerOS-SA-2019-2694)
According to the versions of the libcroco package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service memory allocation error...
Updated libcroco packages fix security vulnerability
Updated libcroco packages fix security vulnerabilities: Heap overflow (input: check end of input before reading a byte) (CVE-2017-7960). Undefined behavior (tknzr: support only max long rgb values) (CVE-2017-7961). Denial of service (memory allocation error) via a crafted CSS file (CVE-2017-8834). Denial of...
EulerOS 2.0 SP2 : libcroco (EulerOS-SA-2019-2520)
According to the versions of the libcroco package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service memory allocation error...
EulerOS 2.0 SP8 : libcroco (EulerOS-SA-2019-2284)
According to the versions of the libcroco package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The cr_tknzr_parse_comment function in cr-tknzr.c in libcroco 0.6.12 allows remote attackers to cause a denial of service memory allocation error...
UBUNTU-CVE-2019-15165
sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory...
DEBIAN-CVE-2019-15924
An issue was discovered in the Linux kernel before 5.0.11. fm10k_init_module in drivers/net/ethernet/intel/fm10k/fm10k_main.c has a NULL pointer dereference because there is no -ENOMEM upon an alloc_workqueue failure...
ImageMagick stack buffer overflow vulnerability (CNVD-2019-29231)
ImageMagick is a suite of open source image processing software from ImageMagick Studio, a United States company. A stack buffer overflow vulnerability exists in WritePNMImage in coders/pnm.c in ImageMagick 7.0.8-50 Q16. The vulnerability stems from the presence of an allocation erro...
openSUSE: Security Advisory for libcroco (openSUSE-SU-2019:1575-1)
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2019-2259
Resource allocation error while playing the video whose dimensions are more than supported dimension in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W,...
Design/Logic Flaw
Resource allocation error while playing the video whose dimensions are more than supported dimension in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W,...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Systems Director (CVE-2016-2108,CVE-2016-2109,CVE-2016-2176)
Summary OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. OpenSSL is used by IBM Systems Director. IBM Systems Director has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-2108 DESCRIPTION: OpenSSL could allow a remote attacker to execute arbitrary...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Service Delivery Manager
Summary OpenSSL vulnerabilities were disclosed on September 22, 2016 by the OpenSSL Project. OpenSSL is installed on the operating system shipped via IBM Service Delivery Manager. IBM Service Delivery Manager has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6303 DESCRIPTIO...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and OpenSSL affect IBM FileNet System Monitor/IBM Enterprise Content Management System
Summary OpenSSL vulnerabilities were disclosed on March 1, 2016 & May 3, 2016 by the OpenSSL Project. OpenSSL is used by Enterprise Content Management System Monitor has addressed the applicable CVEs. There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 and 7 that is...
Security Bulletin: Vulnerabilities in OpenSSL affect IBM Security Network Controller (CVE-2016-6304, CVE-2016-6303, CVE-2016-6308, CVE-2016-2181, CVE-2016-6309, CVE-2016-7052 )
Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Security Network Controller. IBM Security Network Controller has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6304 DESCRIPTION: OpenSSL is vulnerable ...
Security Bulletin: OpenSSL as used in IBM QRadar SIEM is vulnerable to multiple CVE's.
Summary OpenSSL vulnerabilities disclosed on May 3 2016, https://www.openssl.org/news/secadv/20160503.txt plus CVE-2016-2842. Vulnerability Details CVE-ID: CVE-2016-2105 Description: OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate...
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Security Identity Governance
Summary Vulnerabilities in Open Source openssl that is used by IBM Security Identity Governance Vulnerability Details CVEID: CVE-2016-2105 DESCRIPTION: OpenSSL is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the EVP_EncodeUpdate function. By sending an overly...
Security Bulletin: OpenSSL vulnerabilities in IBM Algo Audit and Compliance (CVE-2016-2108, CVE-2016-2107, CVE-2016-2105, CVE-2016-2106, CVE-2016-2109, CVE-2016-2176)
Summary OpenSSL could allow a remote attacker to execute arbitrary code, obtain sensitive information or perform denial of service attacks. OpenSSL is used by IBM Algo Audit and Compliance. Vulnerability Details CVEID: CVE-2016-2108 DESCRIPTION: OpenSSL could allow a remote attacker to execute...