7015 matches found
AZL-44283 CVE-2018-18444 affecting package OpenEXR 2.3.0-6
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact...
CVE-2018-18444
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact...
CVE-2018-18444
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact...
CVE-2018-18444
CVE-2018-18444 affects OpenEXR 2.3.0 via an out-of-bounds write in exrmultiview/makeMultiView.cpp, leading to an assertion failure or possibly other impact. The issue is documented in multiple advisories and has been addressed in OpenEXR 2.4.0 (and later). Recommendation: upgrade to a patched rel...
CVE-2018-18444
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact...
CVE-2018-18444
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact...
[ASA-201810-9] wireshark-cli: multiple issues
Arch Linux Security Advisory ASA-201810-9 ========================================= Severity: High Date : 2018-10-12 CVE-ID : CVE-2018-12086 CVE-2018-18225 CVE-2018-18226 CVE-2018-18227 Package : wireshark-cli Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-779 Summa...
VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) SAML Authentication Bypass Vulnerability
VMware Workspace ONE Unified Endpoint Management Console is a console product from VMware. A SAML authentication bypass vulnerability exists in the VMware Workspace ONE Unified Endpoint Management Console AirWatch Console, which could allow an attacker to emulate an authorized SAML session if...
UBUNTU-CVE-2018-4213
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks...
UBUNTU-CVE-2018-4207
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks...
UBUNTU-CVE-2018-4208
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks...
UBUNTU-CVE-2018-4212
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks...
WebKit memory corruption vulnerability in multiple Apple products (CNVD-2018-24561)
Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser shipped with the Mac OS X and iOS operating systems. iTunes for Windows is a media player and application for the Windows platform. WebKit is one of the web browser engine components...
WebKit memory corruption vulnerability in multiple Apple products (CNVD-2018-24562)
Apple iOS is an operating system developed for mobile devices; Safari is a web browser that is the default browser shipped with the Mac OS X and iOS operating systems. iTunes for Windows is a media player and application for the Windows platform. WebKit is one of the web browser engine components...
keycloak: SAML request parser replaces special strings with system properties
It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID fie...
Security update for ffmpeg-4 (low)
This update for ffmpeg-4 to version 4.0.2 fixes the following issues: These security issues were fixed: - CVE-2018-15822: The flvwritepacket function did not check for an empty audio packet, leading to an assertion failure and DoS bsc1105869. - CVE-2018-13300: An improper argument passed to the...
Telegram Desktop 1.3.14 denial of service Vulnerability
Exploit for linux platform in category dos / poc Telegram Desktop aka tdesktop 1.3.14 might allow attackers to cause a denial of service assertion failure and application exit via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by...
CVE-2018-17231
Telegram Desktop aka tdesktop 1.3.14 might allow attackers to cause a denial of service assertion failure and application exit via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack...
CVE-2018-17231
Telegram Desktop aka tdesktop 1.3.14 might allow attackers to cause a denial of service assertion failure and application exit via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack...
CVE-2018-17231
Telegram Desktop aka tdesktop 1.3.14 might allow attackers to cause a denial of service assertion failure and application exit via an "Edit color palette" search that triggers an "index out of range" condition. NOTE: this issue is disputed by multiple third parties because the described attack...