7020 matches found
EulerOS 2.0 SP5 : bind (EulerOS-SA-2019-2128)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - 'managed-keys' is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for us...
CVE-2019-6337
For the printers listed a maliciously crafted print file might cause certain HP Inkjet printers to assert. Under certain circumstances, the printer produces a core dump to a local device...
CVE-2019-6337
CVE-2019-6337 affects HP Inkjet printers via a maliciously crafted print file that can cause the device to assert and emit a core dump to a local device. Public details in HP’s advisory HPSBPI03630 (HP Inkjet Printers - Buffer Overflow and Local Disclosure of Information) confirm a Buffer Overflo...
RHEL 8 : bind (RHSA-2019:3552)
"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:3552 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named C...
JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects
JavaScriptCore - Type Confusion During Bailout when Reconstructing Arguments Objects The following sample was found by Fuzzilli and then slightly modified. It crashes JSC in debug builds: function main const v2 = 1337,1337; const v3 = 1337,v2,v2,0; Object.proto = v3; for let v10 = 0; v10...
CVE-2019-13496
One Identity Cloud Access Manager before 8.1.4 Hotfix 1 allows OTP bypass via vectors involving a man in the middle, the One Identity Defender product, and replacing a failed SAML response with a successful SAML response...
CVE-2018-5742
While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 - bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also ...
CVE-2018-5735
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar...
CVE-2018-5735
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar...
Authentication flaw
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar...
Path traversal
While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 - bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also ...
CVE-2018-5742
While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 - bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also ...
CVE-2018-5742 An oversight while backporting a feature leads to an assertion failure in buffer.c:420
While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 - bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also ...
CVE-2018-5742
While backporting a feature for a newer branch of BIND9, RedHat introduced a path leading to an assertion failure in buffer.c:420. Affects RedHat versions bind-9.9.4-65.el7 - bind-9.9.4-72.el7. No ISC releases are affected. Other packages from other distributions who made the same error may also ...
CVE-2018-5742
CVE-2018-5742 describes an assertion failure in BIND9 caused by a backport-related path in buffer.c:420, leading to a crash (denial of service). Affected are Red Hat family packages: bind-9.9.4-65.el7 through 9.9.4-72.el7, with no ISC releases affected; other distributions that replicated the err...
CVE-2018-5735 Backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar...
CVE-2018-5735
CVE-2017-3137 describes a denial-of-service in BIND caused by processing CNAME/DNAME responses in an unusual order, which can make named exit with an assertion failure. The CVE is evidenced by multiple advisories and vendor backports/disclosures (Arch Linux ASA-201704-11, CentOS/CESA entries 1095...
CVE-2018-5735
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar...
Backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar...
Amazon Linux 2 : libtiff (ALAS-2019-1327)
Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service application crash via a crafted GIF file.CVE-2016-3186 An integer overflow has been discovered in libtiff in TIFFSetupStrips:tifwrite.c, which could lead to a heap-bas...