379 matches found
CImg Library Input Validation Error Vulnerability
CImg Library is an open source C++ library for image processing organized by DavidTschumperlé GREYC Davidtschumperlé Greyc. CImg Library suffers from an input validation error vulnerability that stems from the use of an insecure pattern for calculating the required heap buffer allocation size,...
Moderate: Red Hat Security Advisory: kernel-rt security and bug fix update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
SUSE-SU-2020:2531-1 Security update for the Linux Kernel (Live Patch 10 for SLE 15 SP1)
This update for the Linux Kernel 4.12.14-19737 fixes several issues. The following security issues were fixed: - CVE-2020-14331: Fixed a buffer over-write in vgaconscroll bsc1174247. - CVE-2020-15780: Fixed a lockdown bypass via injection of malicious ACPI tables via configfs bsc1174186. -...
SUSE SLES12 Security Update : LibVNCServer (SUSE-SU-2020:2167-1)
This update for LibVNCServer fixes the following issues : security update fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock fix CVE-2019-20840 bsc1173876, unaligned accesses in...
SUSE-SU-2020:2167-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - security update fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock fix CVE-2019-20840 bsc1173876, unaligned accesses in...
openSUSE Security Update : LibVNCServer (openSUSE-2020-1056)
This update for LibVNCServer fixes the following issues : - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock...
OPENSUSE-SU-2020:1056-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock ...
OPENSUSE-SU-2020:0988-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock ...
SUSE SLED15 / SLES15 Security Update : LibVNCServer (SUSE-SU-2020:1922-1)
This update for LibVNCServer fixes the following issues : security update added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock +...
SUSE-SU-2020:1922-1 Security update for LibVNCServer
This update for LibVNCServer fixes the following issues: - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock ...
Debian DLA-2236-1 : graphicsmagick security update
A vulnerability was discovered in graphicsmagick, a collection of image processing tools, that results in a heap buffer overwrite when magnifying MNG images. For Debian 8 'Jessie', this problem has been fixed in version 1.3.20-3+deb8u11. We recommend that you upgrade your graphicsmagick packages...
Debian: Security Advisory (DLA-2236-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2236-1] graphicsmagick security update
Package : graphicsmagick Version : 1.3.20-3+deb8u11 CVE ID : CVE-2020-12672 Debian Bug : 960000 A vulnerability was discovered in graphicsmagick, a collection of image processing tools, that results in a heap buffer overwrite when magnifying MNG images. For Debian 8 "Jessie", this problem has bee...
CVE-2020-8899
There is a buffer overwrite vulnerability in the Quram qmg library of Samsung's Android OS versions O8.x, P9.0 and Q10.0. An unauthenticated, unauthorized attacker sending a specially crafted MMS to a vulnerable phone can trigger a heap-based buffer overflow in the Quram image codec leading to an...
Heap overflow
There is a buffer overwrite vulnerability in the Quram qmg library of Samsung's Android OS versions O8.x, P9.0 and Q10.0. An unauthenticated, unauthorized attacker sending a specially crafted MMS to a vulnerable phone can trigger a heap-based buffer overflow in the Quram image codec leading to an...
CVE-2020-8899 Memory corruption in Quram library when decoding qmg can lead to RCE
There is a buffer overwrite vulnerability in the Quram qmg library of Samsung's Android OS versions O8.x, P9.0 and Q10.0. An unauthenticated, unauthorized attacker sending a specially crafted MMS to a vulnerable phone can trigger a heap-based buffer overflow in the Quram image codec leading to an...
CVE-2020-8899 Samsung Quarm RCE via MMS
There is a buffer overwrite vulnerability in the Quram qmg library of Samsung’s Android OS versions O8.x, P9.0 and Q10.0. An unauthenticated, unauthorized attacker sending a specially crafted MMS to a vulnerable phone can trigger a heap-based buffer overflow in the Quram image codec leading to an...
CVE-2020-7261 Buffer overwrite in ENS allowed to bypass AMSI protection
Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security ENS Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input...
CVE-2020-7065
In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mbstrtolower function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution...
CVE-2019-14028
Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice &...