CVE-2018-5549

CVE-2018-5549 affects BIG-IP APM SAML IdP (APMD may core) when processing SAML Assertions/responses. Affected: BIG-IP APM 11.6.0–11.6.3.1, 12.1.0–12.1.3.3, 13.0.0, 13.1.0–13.1.0.3. Impact: disruption of service (potential crash). Remediation: upgrade to fixed releases per vendor advisory (13.1.0....

CVE-2018-5549

On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and 13.1.0-13.1.0.3, APMD may core when processing SAML Assertion or response containing certain elements...

CVE-2018-16749

CVE-2018-16749: In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage (coders/png.c) allows a crafted file to trigger a denial of service (WriteBlob assertion failure and app exit). Affected versions are before the fixed release. Remediation: update ImageMagick to a version...

Amazon Linux AMI : krb5 (ALAS-2018-1010)

A denial of service flaw was found in MIT Kerberos krb5kdc service. An authenticated attacker could use this flaw to cause krb5kdc to exit with an assertion failure by making an invalid S4U2Self or S4U2Proxy request.CVE-2017-11368 An authentication bypass flaw was found in the way krb5's certauth...

Debian DLA-1485-1 : bind9 security update

CVE-2018-5740 The 'deny-answer-aliases' feature in BIND has a flaw which can cause named to exit with an assertion failure. For Debian 8 'Jessie', this problem has been fixed in version 1:9.9.5.dfsg-9+deb8u16. We recommend that you upgrade your bind9 packages. NOTE: Tenable Network Security has...

Libpango 1.40.8 - Denial of Service Exploit

Exploit for linux platform in category dos / poc Exploit Title: Libpango 1.40.8 - Denial of Service PoC Exploit Author: Jeffery M Vendor Homepage: https://www.pango.org/ Software Link: http://ftp.gnome.org/pub/GNOME/sources/pango/1.40/pango-1.40.9.tar.xz Version: 1.40.8+ Tested on: Windows 7,...

bind: processing of certain records when "deny-answer-aliases" is in use may trigger an assert leading to a denial of service

A denial of service flaw was discovered in bind versions that include the "deny-answer-aliases" feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition...

bind: processing of certain records when "deny-answer-aliases" is in use may trigger an assert leading to a denial of service

A denial of service flaw was discovered in bind versions that include the "deny-answer-aliases" feature. This flaw may allow a remote attacker to trigger an INSIST assert in named leading to termination of the process and a denial of service condition...

Libpango 1.40.8 - Denial of Service (PoC)

Libpango 1.40.8 - Denial of Service PoC Exploit Title: Libpango 1.40.8 - Denial of Service PoC Date: 2018-08-06 Exploit Author: Jeffery M Vendor Homepage: https://www.pango.org/ Software Link: http://ftp.gnome.org/pub/GNOME/sources/pango/1.40/pango-1.40.9.tar.xz Version: 1.40.8+ Tested on: Window...

Libpango 1.40.8 Denial Of Service

Exploit Title: Libpango 1.40.8 - Denial of Service PoC Date: 2018-08-06 Exploit Author: Jeffery M Vendor Homepage: https://www.pango.org/ Software Link: http://ftp.gnome.org/pub/GNOME/sources/pango/1.40/pango-1.40.9.tar.xz Version: 1.40.8+ Tested on: Windows 7, Gentoo CVE : CVE-2018-15120 Patch :...

Libpango 1.40.8 - Denial of Service (PoC)

Exploit Title: Libpango 1.40.8 - Denial of Service PoC Date: 2018-08-06 Exploit Author: Jeffery M Vendor Homepage: https://www.pango.org/ Software Link: http://ftp.gnome.org/pub/GNOME/sources/pango/1.40/pango-1.40.9.tar.xz Version: 1.40.8+ Tested on: Windows 7, Gentoo CVE : CVE-2018-15120 Patch :...

FFmpeg 'flv_write_packet' function denial of service vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'flvwritepacket' function in the libavformat/flvenc.c file in FFmpeg 4.0.2 and earlier versions, which stems from the 'flvwritepacket ' function does...

MGASA-2018-0353 Updated bind packages fix security vulnerability

Updated bind packages fix security vulnerability: In ISC BIND, a defect in thie "deny-answer-aliases" feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Accidental or deliberate triggering of this defect will cause a REQUIRE assertion failure in named...

Design/Logic Flaw

The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...

CVE-2018-15822

The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...

CVE-2018-15822

The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...

CVE-2018-15822

CVE-2018-15822 affects FFmpeg/libav through 2.8 where flv_write_packet in libavformat/flvenc.c does not check for an empty audio packet, triggering an assertion failure. Multiple connected advisories (Debian DLA-1809, DSA-4449; USN-3967-1; Cloud Foundry/Ubuntu advisories) reference this CVE along...

CVE-2018-15822

The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...

CVE-2018-15822

The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...

CVE-2018-15822

The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...