CVE-2020-15208

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a DCHECK which is no-op outside of debug compilation modes. Since the function always returns the dimension of the first tensor, malicious attackers can...

OPENSUSE-SU-2020:1517-1 Security update for jasper

This update for jasper fixes the following issues: - CVE-2016-9398: Improved patch for already fixed issue bsc1010979. - CVE-2016-9399: Fix assert in calcstepsizes bsc1010980. - CVE-2017-5499: Validate component depth bit bsc1020451. - CVE-2017-5503: Check bounds in jasseq2dbindsub bsc1020456. -...

Denial Of Service (DoS)

graphicsmagick is vulnerable to Denial Of Service DoS. The vulnerability exists through an assertion failure in ReadOneJNGImage in coders/png.c...

NewStart CGSL CORE 5.04 / MAIN 5.04 : krb5 Vulnerability (NS-SA-2020-0040)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has krb5 packages installed that are affected by a vulnerability: - A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encrypti...

CVE-2020-15772

An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4. When configuring Gradle Enterprise to integrate with a SAML identity provider, an XML metadata file can be uploaded by an administrator. The server side processing of this file dereferences XML External Entities XXE, allowing a remot...

F5 Networks BIG-IP : BIND vulnerability (K82252291)

In BIND 9.10.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.10.5-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: be running BIND tha...

CVE-2020-11135

u'Reachable assertion when wrong data size is returned by parser for ape clips' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, Kamorta, MSM8917, MSM8953, Nicobar, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDM429, SDM439,...

CVE-2020-11135

CVE-2020-11135 affects Qualcomm closed‑source components (Snapdragon platforms). The issue is a reachable assertion when a wrong data size is returned by the ape clips parser, potentially impacting availability (CVSS v3.1: 7.5 HIGH, NETWORK, no user interaction). The provided documents specify th...

CVE-2020-11135

u'Reachable assertion when wrong data size is returned by parser for ape clips' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, Kamorta, MSM8917, MSM8953, Nicobar, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDM429, SDM439,...

Huawei EulerOS: Security Advisory for qemu-kvm (EulerOS-SA-2020-1947)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2020-1953)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.2.0 : bind (EulerOS-SA-2020-1953)

According to the versions of the bind packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An assertion failure was found in BIND, which checks the validity of messages containing TSIG resource records. This fla...

CVE-2020-13595

The Bluetooth Low Energy BLE controller implementation in Espressif ESP-IDF 4.0 through 4.2 for ESP32 devices returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure. An attacker within radio range can...

Denial Of Service (DoS)

BIND is vulnerable to denial of service DoS. An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit...

Denial Of Service (DoS)

bind is vulnerable to denial of service DoS. The vulnerability exists through sending zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2020-1836)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DLA-2355-1 : bind9 security update

Two issues have been found in bind9, an Internet Domain Name Server. CVE-2020-8622 Crafted responses to TSIG-signed requests could lead to an assertion failure, causing the server to exit. This could be done by malicious server operators or guessing attackers. CVE-2020-8623 An assertions failure,...

ISC BIND 9.15.6 < 9.16.6 / 9.17.x < 9.17.4 DoS

According to its self-reported version number, the installation of ISC BIND running on the remote name server is version 9.15.6 prior to 9.16.6 or 9.17.x prior to 9.17.4. It is, therefore, affected by a denial of service DoS vulnerability due to an incorrectly specified maximum buffer size. An...

EulerOS 2.0 SP8 : bind (EulerOS-SA-2020-1836)

According to the version of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on...

[SECURITY] [DSA 4752-1] bind9 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4752-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 27, 2020 https://www.debian.org/security/faq -...