UBUNTU-CVE-2018-15822

The flvwritepacket function in libavformat/flvenc.c in FFmpeg through 2.8 does not check for an empty audio packet, leading to an assertion failure...

ADC SAML Error : “Malformed Assertion sent to NetScaler; Please contact your administrator”

End user getting the error message : “Malformed Assertion sent to NetScaler; Please contact your administrator” after authenticating at IDP ADFS v3...

ISC BIND 'deny-answer-aliases' Denial of Service Vulnerability

ISC BIND is prone to a denial of service vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:isc:bind"; ifdescription...

UBUNTU-CVE-2018-5740

"deny-answer-aliases" is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, ...

CVE-2017-7539

An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device NBD server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process...

Authentication flaw

An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device NBD server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process...

CVE-2017-7539

An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device NBD server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process...

CVE-2017-7539

An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device NBD server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process...

CVE-2017-7539

CVE-2017-7539 affects QEMU’s NBD server: an assertion-failure during initial connection negotiation can crash qemu-nbd, enabling a remote DoS. Affected product: QEMU/NBD server prior to 2.10.1. Root cause: I/O coroutine in the initial negotiation is undefined. Impact: Denial of service via server...

CVE-2017-7539

An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device NBD server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process...

CVE-2017-7539

An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device NBD server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process...

Oracle Fusion Middleware 12c (12.2.1.3.0) WebLogic SAML Issues Vulnerability

Two vulnerabilities were discovered within the Oracle WebLogic SAML service provider authentication mechanism. By inserting an XML comment into the SAML NameID tag, an attacker can coerce the SAML service provider to log in as another user. Additionally, WebLogic does not require signed SAML...

Olli Parviainen SoundTouch Denial of Service Vulnerability (CNVD-2018-20560)

Olli Parviainen SoundTouch is an open source audio processing library that is used to configure the speed, pitch, and playback rate of an audio stream or audio file, among other things. A security flaw exists in the 'FIRFilter::evaluateFilterMulti' function of the RateTransposer.cpp file of the...

Olli Parviainen SoundTouch Denial of Service Vulnerability

Olli Parviainen SoundTouch is an open source audio processing library that is used to configure the speed, pitch, and playback rate of an audio stream or audio file, among other things. The 'RateTransposer::setChannels' function in the RateTransposer.cpp file of the libSoundTouch.a static link...

CVE-2018-14044

SoundTouch library is vulnerable to reachable assertion in RateTransposer::setChannels function that can cause denial of service to applications using this library for processing the untrusted file input...

Security Bulletin: IBM Security Access Manager appliances are affected by a vulnerability in OpenLDAP (CVE-2015-6908)

Summary IBM Security Access Manager appliances use OpenLDAP. A vulnerability has been identified in OpenLDAP that affects the IBM Security Access Manager appliances. IBM Security Access Manager has addressed this vulnerability. Vulnerability Details CVEID: CVE-2015-6908 DESCRIPTION: OpenLDAP is...

CVE-2018-14045

The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service assertion failure and application exit, as demonstrated by SoundStretch...

Design/Logic Flaw

The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service assertion failure and application exit, as demonstrated by SoundStretch...

Design/Logic Flaw

The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service assertion failure and application exit, as demonstrated by SoundStretch...

UBUNTU-CVE-2018-14045

The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service assertion failure and application exit, as demonstrated by SoundStretch...