Debian: Security Advisory (DSA-4735-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel security and bug fix update

3.10.0-1127.18.2.OL7 - Oracle Linux certificates Ilya Okomin - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey Orabug: 24817676 - Conflict with shim-ia32 and shim-x64 setlease be called without ilock Jeff Layton...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : GRUB 2 vulnerabilities (USN-4432-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4432-1 advisory. Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were...

USN-4432-1: GRUB 2 vulnerabilities

Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. CVE-2020-10713 Chris...

Debian DLA-2289-1 : mupdf security update

Several issues have been found in mupdf, a lightweight PDF viewer. The issues could be exploited by crafted PDF files that result in denial of service by heap-based buffer overflows, segmentation faults or out of bound reads. For Debian 9 stretch, these problems have been fixed in version...

Debian: Security Advisory (DLA-2289-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2289-1] mupdf security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2289-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz July 26, 2020 https://wiki.debian.org/LTS -...

CVE-2020-10379

In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c...

DEBIAN-CVE-2020-10379

In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c...

Buffer overflow

In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c...

PYSEC-2020-78

In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c...

CVE-2020-10379

Summary: CVE-2020-10379 affects Pillow prior to 7.1.0, with two Buffer Overflows in libImaging/TiffDecode.c. This is documented in the CVE as a vulnerability with partial confidentiality, integrity, and availability impact (CVSS v3.1: 7.8, LOCAL, UI REQUIRED; CVSS v2: 6.8). The initial descriptio...

CVE-2020-10379

In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c...

CVE-2020-10379

In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c...

CVE-2019-14062

Buffer overflows while decoding setup message from Network due to lack of check of IE message length received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables ...

CVE-2019-14062

CVE-2019-14062 is a buffer overflow in how a setup message from the Network is decoded in various Qualcomm/Snapdragon components (listed in the description). Root cause: lack of validation of IE message length during network processing in multiple Snapdragon SoCs and related devices. Public sourc...

EulerOS 2.0 SP2 : vim (EulerOS-SA-2020-1668)

According to the version of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow at a ureadundo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree...

Medium: wireshark

Issue Overview: In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations. CVE-2018-16057 In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2020-1668)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ipmitool (EulerOS-SA-2020-1649)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...