11 matches found
freerdp: FreeRDP global-buffer-overflow
A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...
libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion
A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...
libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion
A flaw was found in libpng. A remote attacker could exploit an out-of-bounds read and write vulnerability in the ARM/AArch64 Neon-optimized palette expansion path. This occurs when processing a final partial chunk of 8-bit paletted rows without verifying sufficient input pixels, leading to...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read through the NEON palette expansion functions in arm/paletteneonintrinsics.c. An attacker can corrupt memory or crash the application by supplying a PNG row whose width is not a multiple of the NEON chunk size. Notes -...
freerdp: FreeRDP global-buffer-overflow
A global buffer overflow flaw has been discovered in FreeRDP. This global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = 0 can be...
SUSE CVE-2026-22858
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...
CVE-2026-22858 FreeRDP has a global-buffer-overflow in crypto_base64_decode
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...
EUVD-2023-29958
Malicious code in bioql PyPI...
SUSE-SU-2023:2150-1 Security update for shim
This update for shim fixes the following issues: - Updated shim signature after shim 15.7 be signed back: signature-sles.x8664.asc, signature-sles.aarch64.asc bsc1198458 - Add POSTPROCESSPEFLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe...
SUSE-SU-2023:1863-1 Security update for shim
This update for shim fixes the following issues: - Updated shim signature after shim 15.7 be signed back: signature-sles.x8664.asc, signature-sles.aarch64.asc bsc1198458 - Add POSTPROCESSPEFLAGS=-N to the build command in shim.spec to disable the NX compatibility flag when using post-process-pe...
shim security update
shim 0.7-8.0.1 - update Oracle Linux certificates Alexey Petrenko - replace securebootca.cer Alexey Petrenko 0.7-8 - out-of-bounds memory read flaw in DHCPv6 packet processing Resolves: CVE-2014-3675 - heap-based buffer overflow flaw in IPv6 address parsing Resolves: CVE-2014-3676 - memory...