The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System (IGSS), arises from operations that go beyond the buffer boundaries in memory, allowing attackers to execute arbitrary code.

The vulnerability of the interactive graphical SCADA system, Interactive Graphical SCADA System IGSS, arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine allows attackers to trigger a service failure.

The vulnerability of the JavaScript script handler in Google Chrome’s V8 engine is related to data writing beyond the buffer. Exploiting this vulnerability could allow a malicious actor to cause a service failure through a specially crafted HTML page...

OPENSUSE-SU-2021:0482-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issues: - CVE-2020-16117: Fix crash on malformed server response with minimal capabilities bsc1174712. - CVE-2020-14928: Response injection via STARTTLS in SMTP and POP3 bsc1173910. - Fix buffer overrun when parsing base64 data bsc1182882...

Security update for evolution-data-server (moderate)

openSUSE Security Update: Security update for evolution-data-server Announcement ID: openSUSE-SU-2021:0482-1 Rating: moderate References: 1173910 1174712 1182882 Cross-References: CVE-2020-14928 CVE-2020-16117 CVSS scores: CVE-2020-14928 NVD : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N...

USN-3685-2 ruby2.0 regression

USN-3685-1 fixed a vulnerability in Ruby. The fix for CVE-2017-0903 introduced a regression in Ruby. This update fixes the problem. Original advisory details: Some of these CVE were already addressed in previous USN: 3439-1, 3553-1, 3528-1. Here we address for the remain releases. It was discover...

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to the issue of operations occurring outside of the buffer in memory. This allows attackers to trigger service failures.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat and Document Cloud, are related to the issue of operations going beyond the buffer in memory. Exploiting these vulnerabilities can allow attackers to cause servic...

[ASA-202103-23] dotnet-sdk-3.1: arbitrary code execution

Arch Linux Security Advisory ASA-202103-23 ========================================== Severity: High Date : 2021-03-25 CVE-ID : CVE-2021-26701 Package : dotnet-sdk-3.1 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1701 Summary ======= The package...

[ASA-202103-21] dotnet-sdk: arbitrary code execution

Arch Linux Security Advisory ASA-202103-21 ========================================== Severity: High Date : 2021-03-25 CVE-ID : CVE-2021-26701 Package : dotnet-sdk Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1698 Summary ======= The package dotnet-sdk...

[ASA-202103-20] dotnet-runtime: arbitrary code execution

Arch Linux Security Advisory ASA-202103-20 ========================================== Severity: High Date : 2021-03-25 CVE-ID : CVE-2021-26701 Package : dotnet-runtime Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1698 Summary ======= The package...

[ASA-202103-22] dotnet-runtime-3.1: arbitrary code execution

Arch Linux Security Advisory ASA-202103-22 ========================================== Severity: High Date : 2021-03-25 CVE-ID : CVE-2021-26701 Package : dotnet-runtime-3.1 Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1701 Summary ======= The package...

SUSE-SU-2021:0949-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issues: - CVE-2020-16117: Fix crash on malformed server response with minimal capabilities bsc1174712. - CVE-2020-14928: Response injection via STARTTLS in SMTP and POP3 bsc1173910. - Fix buffer overrun when parsing base64 data bsc1182882...

The vulnerability of the Skia component in Google Chrome browsers allows attackers to access confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of the Skia component in Google Chrome’s browser is related to the execution of operations that exceed the permissible buffer data limits. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service...

The vulnerability of the ASN.1 BER analyzer of the computer network traffic analysis tool Wireshark allows a hacker to cause a service failure.

The vulnerability of the ASN.1 BER analyzer in Wireshark for analyzing computer network traffic involves an operation that goes beyond the acceptable limits of the data buffer. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

The vulnerability of Google Chrome’s Skia graphics library allows attackers to gain access to confidential data, compromise its integrity, and cause service interruptions.

The vulnerability of Google Chrome’s Skia graphics library is related to the execution of operations that go beyond the allowed data buffer limits. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service interruptions...

Vulnerability of the utils.c:checkmailpath command in the UNIX shell Zsh: This vulnerability involves allowing an operation to exceed the permissible data buffer size. This allows a malicious actor to access confidential data, compromise its integrity, and cause service failures.

The vulnerability in the utils.c:checkmailpath command of the UNIX shell Zsh involves allowing the execution of commands beyond the data buffer’s allowed limits. Exploiting this vulnerability could allow an attacker to access confidential data, compromise its integrity, and cause service failures...

SUSE-SU-2021:0891-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issues: - Fix buffer overrun when parsing base64 data bsc1182882. - CVE-2020-16117: Fix crash on malformed server response with minimal capabilities bsc1174712. - CVE-2020-14928: Response injection via STARTTLS in SMTP and POP3 bsc1173910...

SUSE-SU-2021:0885-1 Security update for evolution-data-server

This update for evolution-data-server fixes the following issues: - Fix buffer overrun when parsing base64 data bsc1182882. - CVE-2020-16117: Fix crash on malformed server response with minimal capabilities bsc1174712. - CVE-2020-14928: Response injection via STARTTLS in SMTP and POP3 bsc1173910...

The vulnerability of the track_header() function in the libavformat library of the Ffmpeg multimedia environment allows a attacker to cause a service failure.

The vulnerability of the trackheader function in the libavformat library of the Ffmpeg multimedia environment is related to the writing of data beyond the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failure...

The vulnerability of the Schneider Electric EcoStruxure Control Expert programming tool, related to the execution of operations beyond the buffer boundaries, allows a intruder to trigger a maintenance failure or execute arbitrary code.

The vulnerability of the Schneider Electric EcoStruxure Control Expert programming tool relates to the execution of operations beyond the buffer boundaries. Exploiting this vulnerability could allow an attacker to trigger a maintenance failure or execute arbitrary code by opening a specially...

The vulnerability in the built-in software of the Intel NUC Kit relates to the execution of operations outside the buffer in memory, allowing an attacker to exploit their privileges.

The vulnerability of the built-in software in the Intel NUC Kit relates to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to increase their privileges...