USN-5236-1 A security issue was fixed in pngcrush

Brian Carpenter discovered that pngcrush incorrectly handled specially crafted file. An attacker could possibly use this issue to cause a denial of service...

Debian DSA-4386-1 : curl - security update

Multiple vulnerabilities were discovered in cURL, an URL transfer library. - CVE-2018-16890 Wenxiang Qian of Tencent Blade Team discovered that the function handling incoming NTLM type-2 messages does not validate incoming data correctly and is subject to an integer overflow vulnerability, which...

USN-3805-2: curl vulnerability

USN-3805-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Brian Carpenter discovered that the curl command-line tool incorrectly handled error messages. A remote attacker could possibly use this issue to obtain sensiti...

Debian DSA-4172-1 : perl - security update

Multiple vulnerabilities were discovered in the implementation of the Perl programming language. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2018-6797 Brian Carpenter reported that a crafted regular expression could cause a heap buffer write overflow...

Moderate: Red Hat Security Advisory: curl security update

An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Ubuntu 14.04 LTS / 16.04 LTS : curl vulnerabilities (USN-3441-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3441-1 advisory. Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to...

Ubuntu: Security Advisory (USN-2959-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerability in OpenSSL - ASN.1 BIO excessive memory allocation

When ASN.1 data is read from a BIO using functions such as d2iCMSbio a short invalid encoding can casuse allocation of large amounts of memory potentially consuming excessive resources or exhausting memory. Any application parsing untrusted data through d2i BIO functions is affected. The memory...

Vulnerability in OpenSSL - Segmentation fault for invalid PSS parameters

Segmentation fault for invalid PSS parameters. The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and invalid parameters. Since these routines are used to verify certificate signature algorithms this can ...