Design/Logic Flaw

stb stbtruetype.h through 1.22 has an assertion failure in stbttcffint...

CVE-2020-6623

stb stbtruetype.h through 1.22 has an assertion failure in stbttcffgetindex...

Design/Logic Flaw

stb stbtruetype.h through 1.22 has an assertion failure in stbttcffgetindex...

UBUNTU-CVE-2020-6619

stb stbtruetype.h through 1.22 has an assertion failure in stbttbufseek...

UBUNTU-CVE-2020-6617

stb stbtruetype.h through 1.22 has an assertion failure in stbttcffint...

UBUNTU-CVE-2020-6623

stb stbtruetype.h through 1.22 has an assertion failure in stbttcffgetindex...

CVE-2020-6617

CVE-2020-6617 affects the stb_truetype.h component of the stb library, with versions through 1.22. The root cause described in multiple sources is an assertion failure inside stbtt__cff_int, which can lead to a crash (DoS). Public details on affected products, versions beyond 1.22, or concrete re...

CVE-2020-6617

stb stbtruetype.h through 1.22 has an assertion failure in stbttcffint...

CVE-2020-6617

Removed by vendor...

CVE-2020-6619

CVE-2020-6619 affects the stb_truetype.h library (stb 1.22 and earlier); the flaw is an assertion failure in stbtt__buf_seek. Public references report this across multiple advisories (NVD, Red Hat, Ubuntu, Debian, CNVD, osv) with vulnerability entries focusing on the assertion in stb_truetype.h. ...

CVE-2020-6619

stb stbtruetype.h through 1.22 has an assertion failure in stbttbufseek...

CVE-2020-6619

Removed by vendor...

CVE-2020-6623

stb stbtruetype.h through 1.22 has an assertion failure in stbttcffgetindex...

CVE-2020-6623

The CVE-2020-6623 entry concerns the stb_truetype.h library: all versions up to 1.22 have an assertion failure in stbtt__cff_get_index. Connected sources confirm the affected component and the underlying cause, but no public mitigation steps are provided within the supplied documents. The NVD dat...

CVE-2020-6623

Removed by vendor...

CVE-2019-6468

In BIND Supported Preview Edition, an error in the nxdomain-redirect feature can occur in versions which support EDNS Client Subnet ECS features. In those versions which have ECS support, enabling nxdomain-redirect is likely to lead to BIND exiting due to assertion failure. Versions affected: BIN...

MikroTik's RouterOS Console Process Assertion Failure Vulnerability

RouterOS is the operating system used on MikroTik devices such as switches, routers and access points. A memory corruption vulnerability exists in MikroTik's RouterOS console process. A remote attacker who allows authentication could crash the console process by sending carefully crafted packets...

Updated exiv2 packages fix security vulnerabilities

The updated packages fix security vulnerabilities: An integer overflow in Exiv2 through 0.27.1 allows an attacker to cause a denial of service SIGSEGV via a crafted PNG image file, because PngImage::readMetadata mishandles a zero value for iccOffset. CVE-2019-13108 An integer overflow in Exiv2...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libtiff Multiple Vulnerabilities (NS-SA-2019-0227)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libtiff packages installed that are affected by multiple vulnerabilities: - Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service application crash...

stb_image.h Assertion Failure Vulnerability

libsixel is a package that provides an encoding/decoding implementation for DEC SIXEL graphics and other converter programs. stbimage.h is an image library. A security vulnerability exists in stbimage.h version 2.23 used in libsixel and other products. No details of the vulnerability are provided...