UBUNTU-CVE-2020-10711

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option CIPSO protocol's category bitmap into the SELinux extensible bitmap via the' ebitmapnetlblimport' routine. While processing...

Important: kernel-livepatch-4.14.171-136.231

Issue Overview: A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem. This flaw occurs while importing the Commercial IP Security Option CIPSO protocol's category bitmap into the SELinux extensible bitmap via the' ebitmapnetlblimport' routine. While processing the CIP...

Important: kernel-livepatch-4.14.177-139.253

Issue Overview: A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem. This flaw occurs while importing the Commercial IP Security Option CIPSO protocol's category bitmap into the SELinux extensible bitmap via the' ebitmapnetlblimport' routine. While processing the CIP...

Important: kernel-livepatch-4.14.173-137.229

Issue Overview: A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem. This flaw occurs while importing the Commercial IP Security Option CIPSO protocol's category bitmap into the SELinux extensible bitmap via the' ebitmapnetlblimport' routine. While processing the CIP...

DEBIAN-CVE-2020-11045

In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in updatereadbitmapdata that allows client memory to be read to an image buffer. The result displayed on screen as colour...

DEBIAN-CVE-2020-11044

In FreeRDP greater than 1.2 and before 2.0.0, a double free in updatereadcachebitmapv3order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0...

UBUNTU-CVE-2020-11045

In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in updatereadbitmapdata that allows client memory to be read to an image buffer. The result displayed on screen as colour...

UBUNTU-CVE-2020-11044

In FreeRDP greater than 1.2 and before 2.0.0, a double free in updatereadcachebitmapv3order crashes the client application if corrupted data from a manipulated server is parsed. This has been patched in 2.0.0...

The vulnerability of the ReadDIBImage function in the GraphicsMagick graphics editor arises from insufficient validation of input data, allowing attackers to trigger a service failure.

The vulnerability of the ReadDIBImage function in the GraphicsMagick graphics editor is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service interruptions using a specially created dib file...

PYSEC-2020-253

TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...

PYSEC-2020-269

TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...

CVE-2018-21233

TensorFlow before 1.7.0 has an integer overflow that causes an out-of-bounds read, possibly causing disclosure of the contents of process memory. This occurs in the DecodeBmp feature of the BMP decoder in core/kernels/decodebmpop.cc...

Moderate: Red Hat Security Advisory: fontforge security update

An update for fontforge is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

The vulnerability of the CImg library arises from an operation that occurs outside the buffer in memory, allowing a malicious actor to cause a service failure.

The vulnerability of the CImg library arises from an operation that occurs outside the buffer in memory. Exploiting this vulnerability can allow an attacker to cause a service failure due to the loading of a specially created BMP image...

The vulnerability of the `load_bmp` function in the CImg library, which allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the loadbmp function in the CImg library is related to a memory reclamation error. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information through the use of a specially created BMP image...

Arbitrary Code Execution

freetype is vulnerable to arbitrary code execution. The vulnerability exists as multiple flaws were found in the way FreeType handled TrueType Font TTF, Glyph Bitmap Distribution Format BDF, Windows .fnt and .fon, and PostScript Type 1 fonts. If a specially-crafted font file was loaded by an...

Denial Of Service (DoS)

FreeType is vulnerable to denial of service DoS. Multiple input validation flaws were found in the way FreeType processed bitmap font files. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute...

Arbitrary Code Execution

gimp is vulnerable to arbitrary code execution. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the GIMP's Microsoft Windows Bitmap BMP and Personal Computer eXchange PCX image file plug-ins. An attacker could create a specially-crafted BMP or PCX image file that,...

CVE-2020-11528

bit2spr 1992-06-07 has a stack-based buffer overflow 129-byte write in convbitmap in bit2spr.c via a long line in a bitmap file...

CVE-2020-11528

bit2spr 1992-06-07 has a stack-based buffer overflow 129-byte write in convbitmap in bit2spr.c via a long line in a bitmap file...