CVE-2018-13304

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

CVE-2018-13304

In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studioprofile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to errorresilience.c, h263dec.c, and...

IBM WebSphere Application Server Liberty Information Disclosure Vulnerability (CNVD-2018-13472)

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications and the foundation of the IBM WebSphere software platform.Liberty is a dynamic server profile for WAS. An information...

Debian DLA-1411-1 : tiff security update

Several issues were discovered in TIFF, the Tag Image File Format library, that allowed remote attackers to cause a denial of service or other unspecified impact via a crafted image file. CVE-2017-11613: DoS vulnerability A crafted input will lead to a denial of service attack. During the TIFFOpe...

openSUSE Security Update : tiff (openSUSE-2018-677)

This update for tiff fixes the following issues : These security issues were fixed : - CVE-2017-18013: There was a NULL pointer Dereference in the tifprint.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. bsc1074317 - CVE-2018-10963: The TIFFWriteDirectorySec function in...

openSUSE: Security Advisory for tiff (openSUSE-SU-2018:1834-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Design/Logic Flaw

tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h...

CVE-2018-12687

tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h...

CVE-2018-12687

tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. Remediation There is no fixed version for tinyexr. References - GitHub Issue...

DEBIAN-CVE-2018-12687

tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h...

CVE-2018-12687

tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h...

CVE-2018-12687

tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h...

CVE-2018-12687

tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h...

CVE-2018-12687

CVE-2018-12687 affects tinyexr 0.9.5, with an assertion failure in DecodePixelData (tinyexr.h). Root cause is a boundary/logic assertion in decoding pixel data. In the provided documents, CVSS metrics show a high impact on availability (CVSS-3 base score 7.5) but no explicit exploitation details ...

Security Bulletin: Vulnerabilities in Graphite2 affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in the Graphite 2 Library. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2017-7778 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by an out-of-bounds write i...

Security Bulletin: Vulnerabilities in bind affect PowerKVM (CVE-2016-2776, CVE-2016-8864)

Summary PowerKVM is affected by vulnerabilities in ISC Bind. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2016-2776 DESCRIPTION: ISC BIND is vulnerable to a denial of service, caused by an assertion failure in buffer.c while a nameserver is building responses to a...

Improper Input Validation

Overview Affected versions of this package are vulnerable to Improper Input Validation tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h. Remediation There is no fixed version for tinyexr. References - Github.com - GitHub Issue...

CVE-2018-12504

tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h...

CVE-2018-12504

tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h...