OPENSUSE-SU-2021:0358-1 Security update for glibc

This update for glibc fixes the following issues: - Fix buffer overrun in EUC-KR conversion module CVE-2019-25013, bsc1182117, BZ 24973 - x86: Harden printf against non-normal long double values CVE-2020-29573, bsc1179721, BZ 26649 - gconv: Fix assertion failure in ISO-2022-JP-3 module...

SUSE-SU-2021:0653-1 Security update for glibc

This update for glibc fixes the following issues: - Fix buffer overrun in EUC-KR conversion module CVE-2019-25013, bsc1182117, BZ 24973 - x86: Harden printf against non-normal long double values CVE-2020-29573, bsc1179721, BZ 26649 - gconv: Fix assertion failure in ISO-2022-JP-3 module...

SUSE-SU-2021:0608-1 Security update for glibc

This update for glibc fixes the following issues: - Fix buffer overrun in EUC-KR conversion module CVE-2019-25013, bsc1182117, BZ 24973 - gconv: Fix assertion failure in ISO-2022-JP-3 module CVE-2021-3326, bsc1181505, BZ 27256 - Fix parsing of /sys/devices/system/cpu/online bsc1180038, BZ 25859 -...

The vulnerability of the Junos operating system, related to the operation of data out of the buffer in memory, allows a attacker to cause a service failure.

The vulnerability of the Junos operating system is related to the operation of data out of the buffer in memory. Exploiting this vulnerability allows a malicious actor to trigger a service failure using specially crafted DHCP packets...

The vulnerability of the DxgkDdiEscape function in NVIDIA GeForce, Quadro, and Tesla graphics drivers for Windows operating systems allows a hacker to trigger a service failure or increase their privileges.

The vulnerability of the DxgkDdiEscape function in NVIDIA GeForce, Quadro, and Tesla graphics drivers for Windows operating systems is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to cause system failures or gain...

The vulnerability of the SQLite database management system, related to writing data beyond the buffer boundaries in memory, allows an attacker to gain unauthorized access to protected information.

The vulnerability of the SQLite database management system is related to writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

CVE-2020-27007

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing of HPG files. This could result in a memory access past the end of an allocated buffer. An attacker...

CVE-2020-27004

A vulnerability has been identified in JT2Go All versions V13.1.0.1, Teamcenter Visualization All versions V13.1.0.1. Affected applications lack proper validation of user-supplied data when parsing of CGM files. This could result in a memory access past the end of an allocated buffer. An attacker...

JT2Go 缓冲区错误漏洞

Siemens Jt2go and Siemens Teamcenter Visualization are both products of Siemens, Germany.Siemens Jt2go is a JT file viewer. The software is used for lightweight previewing of 3D graphics with 3D zoom, panorama, rotation, scaling and repositioning, accurate 3D measurements, basic 3D profile viewin...

The vulnerability of the Adobe Media Encoder application, related to writing beyond the buffer boundaries in memory, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Media Encoder application relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

FreeBSD : pngcheck -- Buffer-overrun vulnerability (13ca36b8-6141-11eb-8a36-7085c2fb2c14)

The libpng project reports : pngcheck versions 3.0.0 and earlier have a pair of buffer-overrun bugs related to the sPLT and PPLT chunks the latter is a MNG-only chunk, but it gets noticed even in PNG files if the -s option is used. Both bugs are fixed in version 3.0.1, released on 24 January 2021...

The vulnerability of the Adobe Media Encoder application, related to writing beyond the buffer boundaries in memory, allows a perpetrator to execute arbitrary code.

The vulnerability of the Adobe Media Encoder application relates to writing beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the context of the current user...

The vulnerability of Microsoft Excel, the Microsoft Office suite, Microsoft Office Online Server, Microsoft Office Web Apps Server, and Microsoft 365 Apps relates to the execution of arbitrary code when operations are performed outside of the buffer in memory. This vulnerability allows an attacker to execute arbitrary code.

The vulnerability of Microsoft Excel, the Microsoft Office suite, Microsoft Office Online Server, Microsoft Office Web Apps Server, and Microsoft 365 Apps is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow an attacker to execute...

Updated glibc packages fix security vulnerability

Security fixes: - fix buffer overrun in EUC-KR conversion module bz 2497 CVE-2019-25013 - arm: CVE-2020-6096: Fix multiarch memcpy for negative length BZ 25620 - arm: CVE-2020-6096: fix memcpy and memmove for negative length BZ 25620 - iconv: Fix incorrect UCS4 inner loop bounds BZ 26923...

MGASA-2021-0053 Updated glibc packages fix security vulnerability

Security fixes: - fix buffer overrun in EUC-KR conversion module bz 2497 CVE-2019-25013 - arm: CVE-2020-6096: Fix multiarch memcpy for negative length BZ 25620 - arm: CVE-2020-6096: fix memcpy and memmove for negative length BZ 25620 - iconv: Fix incorrect UCS4 inner loop bounds BZ 26923...

pngcheck -- Buffer-overrun vulnerability

The libpng project reports: pngcheck versions 3.0.0 and earlier have a pair of buffer-overrun bugs related to the sPLT and PPLT chunks the latter is a MNG-only chunk, but it gets noticed even in PNG files if the -s option is used. Both bugs are fixed in version 3.0.1, released on 24 January 2021...

The vulnerability of the professional video editing software Adobe Premiere Pro, related to recording data beyond the buffer limit in memory, allows a hacker to execute arbitrary code.

The vulnerability of the professional video editing software Adobe Premiere Pro lies in the recording of data beyond the buffer limits in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code in the context of the current user...

The vulnerability of Adobe Illustrator’s graphic editor lies in the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of Adobe Illustrator’s graphic editor is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

The vulnerability of Firefox browsers, Firefox ESR, and the Thunderbird email client relates to the issue of operations beyond buffer boundaries in memory. This allows attackers to gain unauthorized access to information and compromise its integrity and accessibility.

The vulnerability of Firefox browsers, Firefox ESR, and the email client Thunderbird is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to information and compromise its integrity and...

The vulnerability of the Firefox, Firefox ESR, and Thunderbird software lies in the fact that certain operations go beyond the allowed boundaries of the data buffer. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Firefox, Firefox ESR, and Thunderbird software is related to the execution of operations beyond the acceptable data buffer limits. Exploiting this vulnerability can allow a remote attacker to access confidential data, compromise its integrity, and cause service failures...