DEBIAN-CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

Design/Logic Flaw

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

UBUNTU-CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

CVE-2019-20056

CVE-2019-20056 corresponds to an assertion failure in stb_image.h 2.23 (stbi__shiftsigned), noted in Red Hat and Astra Linux advisories and also referenced in Debian/OSV notices. Affected component: the stb_image loader (as used by libsixel and related software). The published sources do not prov...

CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

CVE-2019-20056

stbimage.h aka the stb image loader 2.23, as used in libsixel and other products, has an assertion failure in stbishiftsigned...

CVE-2018-18444

makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact...

CVE-2018-17205

An issue was discovered in Open vSwitch OvS, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and 2.9.x through 2.9.2, where the ofprotoruleinsert function inside ofproto/ofproto.c is affected by an assertion failure under certain circumstances. A specially crafted flow update applied using the bundling...

EulerOS 2.0 SP3 : exiv2 (EulerOS-SA-2019-2576)

According to the versions of the exiv2 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A PngChunk::parseChunkContent uncontrolled memory allocation in Exiv2 through 0.27.1 allows an attacker to cause a denial of service crash due to ...

EulerOS 2.0 SP3 : quagga (EulerOS-SA-2019-2657)

According to the versions of the quagga package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was discovered that the zebra daemon in Quagga before 1.0.20161017 suffered from a stack-based buffer overflow when processing IPv6 Neighbor...

EulerOS 2.0 SP3 : zziplib (EulerOS-SA-2019-2685)

According to the versions of the zziplib package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function zzipparserootdirectory in zip.c, which will...

EulerOS 2.0 SP5 : jasper (EulerOS-SA-2019-2530)

According to the version of the jasper package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The jpcfloorlog2 function in jpcmath.c in JasPer before 1.900.17 allows remote attackers to cause a denial of service assertion failure via...

glibc security update

2.28-72.0.1 - add Ampere emag to tunable cpu list Patrick McGehearty - add optimized memset for emag - add an ASIMD variant of strlen for falkor - Orabug: 2700101. - Modify glibc-ora28849085.patch so it works with RHCK kernels. - Orabug: 28849085. - Make IOfunlockfile match funlockfile and...

FreeBSD : libmad -- multiple vulnerabilities (b48e7b14-052a-11ea-a1de-53b029d2b061)

National Vulnerability Database : CVE-2017-8372: The madlayerIII function in layer3.c in Underbit MAD libmad 0.15.1b, if NDEBUG is omitted, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted audio file. CVE-2017-8373: The madlayerIII function...

CVE-2019-18844

The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pcicore.h instead of other mechanisms for propagating error information or diagnostic information, which might allow attackers to cause a denial of service assertion failu...

CVE-2019-18844

The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pcicore.h instead of other mechanisms for propagating error information or diagnostic information, which might allow attackers to cause a denial of service assertion failu...

Code injection

The Device Model in ACRN before 2019w25.5-140000p relies on assert calls in devicemodel/hw/pci/core.c and devicemodel/include/pcicore.h instead of other mechanisms for propagating error information or diagnostic information, which might allow attackers to cause a denial of service assertion failu...

CVE-2019-18844

ACRN Device Model (pre-2019w25.5-140000p) is affected by a denial-of-service condition caused by using asserts in PCI core code (devicemodel/hw/pci/core.c and devicemodel/include/pci_core.h) to propagate errors/diagnostic information. The issue can trigger an assertion failure in the PCI core. Th...