CVE-2021-3476

A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability...

CVE-2021-3474

There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability...

CVE-2021-3476

A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability...

CVE-2021-3475

There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability...

CVE-2021-3475

There is a flaw in OpenEXR. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability...

CVE-2021-3474

There's a flaw in OpenEXR. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability...

Ubuntu 16.04 LTS : OpenJPEG vulnerabilities (USN-4880-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4880-1 advisory. It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial ...

Denial of Service via /rest/gadget/1.0/createdVsResolved/generate endpoint - CVE-2021-39123

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service DoS vulnerability in the /rest/gadget/1.0/createdVsResolved/generate endpoint. The affected versions are before version 8.16.0. Affected versions:...

EulerOS Virtualization 3.0.2.6 : binutils (EulerOS-SA-2021-1408)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use after free issue exists in the Binary File Descriptor BFD library aka libbfd in GNU Binutils 2.34 in bfdhashlookup, as...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-1388)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.6.0 : binutils (EulerOS-SA-2021-1580)

According to the versions of the binutils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A Null Pointer Dereference vulnerability exists in the Binary File Descriptor BFD library aka libbfd, as distributed ...

Huawei EulerOS: Security Advisory for jasper (EulerOS-SA-2021-1308)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-20235

There's a flaw in the zeromq server in src/decoderallocators.hpp. The decoder static allocator could have its sized changed, but the buffer would remain the same as it is a static buffer. A remote, unauthenticated attacker who sends a crafted request to the zeromq server could trigger a buffer...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-1135)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for openjpeg2 (EulerOS-SA-2021-1156)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-20189

There is a flaw in ImageMagick's MagickCore/gem.c version 7 and magick/gem.c version 6 files in GenerateDifferentialNoise. An attacker who is able to input a specially crafted file to ImageMagick for processing could cause a division-by-zero, which could affect application availability...

EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2021-1074)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image...

Debian: Security Advisory (DLA-2523-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-27845

There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability...

CVE-2020-27845

There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. If an attacker is able to provide untrusted input to openjpeg's conversion/encoding functionality, they could cause an out-of-bounds read. The highest impact of this flaw is to application availability...