MGASA-2022-0334 Updated ostree packages fix security vulnerability

A memory corruption issue that could be triggered when diffing binary files. CVE-2014-9862...

CVE-2022-38453

The CVE-2022-38453 issue affects the CMS8000 device, where multiple binary application files are compiled with 'not stripped' and 'debug_info' settings. This weakens reverse-engineering resistance and could enable an attacker to identify additional vulnerabilities in the affected software stack. ...

GNU Binutils: Multiple Vulnerabilities

Background The GNU Binutils are a collection of tools to create, modify and analyse binary files. Many of the files use BFD, the Binary File Descriptor library, to do low-level manipulation. Description Multiple vulnerabilities have been discovered in GNU Binutils. Please review the CVE identifie...

August 2, 2022, update for Office 2016 (KB5002248)

August 2, 2022, update for Office 2016 KB5002248 This article describes update 5002248 for Microsoft Office 2016 that was released on August 2, 2022.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2016. It doesn't apply to...

[SECURITY] Fedora 36 Update: antlr4-project-4.9.3-6.fc36

ANTLR ANother Tool for Language Recognition is a powerful parser generator for reading, processing, executing, or translating structured text or binary files. It is widely used to build languages, tools, and frameworks. From a grammar, ANTLR generates a parser that can build and walk parse trees...

radare2 code issue vulnerability (CNVD-2023-06509)

radare2 is a set of libraries and tools for working with binary files. radare2 v5.7.2 contains a security vulnerability that stems from a NULL pointer dereference vulnerability discovered via the rbinfilextrloadbuffer function in bin/bfile.c. No detailed vulnerability details are available at thi...

[SECURITY] Fedora 36 Update: ghex-42.3-1.fc36

GHex can load raw data from binary files and display them for editing in the traditional hex editor view. The display is split in two columns, with hexadecimal values in one column and the ASCII representation in the other. A useful tool for working with raw data...

CVE-2021-46822

The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the getwordrgbrow function in rdppm.c...

radare2 Denial of Service Vulnerability (CNVD-2022-68517)

radare2 is a set of libraries and tools for working with binary files. radare2 version 5.5.2 suffers from a denial of service vulnerability that stems from a NULL pointer dereference in the libr/bin/p/binsymbols.c binary symbols parser. An attacker could exploit this vulnerability to cause a deni...

radare2 code issue vulnerability (CNVD-2022-31692)

radare2 is a set of libraries and tools for working with binary files. A code issue vulnerability exists in radare2 prior to 5.6.8 that is capable of crashing radare2, thereby affecting system availability. No details of the vulnerability are provided at this time...

Design/Logic Flaw

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypa...

CVE-2020-13495

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypa...

Radare2 Buffer Overflow Vulnerability (CNVD-2022-81356)

Radare2 is a set of libraries and tools for working with binary files.A buffer overflow vulnerability exists in versions of Radare2 prior to 5.6.8, which stems from out-of-bounds application reads of the rbinnegetentrypoints function. An attacker could exploit this vulnerability to read sensitive...

CVE-2022-28661

A vulnerability has been identified in Simcenter Femap All versions V2022.1.2. The affected application contains an out of bounds read past the end of an allocated buffer while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process...

Radare2 Buffer Overflow Vulnerability (CNVD-2022-81362)

Radare2 is a set of libraries and tools for working with binary files. Radare2 is vulnerable to a buffer overflow vulnerability that originates in libr/bin/format/ne/ne.c when executing operations on memory that do not properly validate data boundaries. An attacker could exploit this vulnerabilit...

radare2 out-of-bounds read vulnerability

radare2 is a set of libraries and tools for working with binary files. radare2 versions prior to 5.6.8 contain an out-of-bounds read vulnerability that can be exploited by attackers to read sensitive information from outside the allocated buffer boundary...

[SECURITY] Fedora 36 Update: annobin-10.57-3.fc36

This package contains the tools needed to annotate binary files created by compilers, and also the tools needed to examine those annotations. One of the tools is a plugin for GCC that records information about the security options that were in effect when the binary was compiled. Note - the plugi...

IBM Maximo Anywhere Encryption Issue Vulnerability (CNVD-2022-12745)

IBM Maximo Anywhere is a next-generation mobile solution from IBM built on the IBM Worklight platform. The solution supports remote access to IBM Maximo Asset Management a comprehensive asset lifecycle and maintenance management solution workflow and asset management via mobile devices. an...

CVE-2022-25265

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 e.g., with GCC 3.2.2 and Linux kernel 2.4.20. This can cause execution of bytes located in supposedly non-executable regions of a file...

CVE-2022-25265

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 e.g., with GCC 3.2.2 and Linux kernel 2.4.20. This can cause execution of bytes located in supposedly non-executable regions of a file...