SUSE-SU-2021:0139-1 Security update for slurm_20_02

This update for slurm2002 fixes the following issues: Updated to 20.02.6, addresses two security fixes: PMIx - fix potential buffer overflows from use of unpackmem. CVE-2020-27745 bsc1178890 X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command...

CVE-2020-24658

Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. When this feature is enabled, a protected function writes a guard value to the stack prior to above any vulnerable arrays in the stack. The guard value is...

Fedora 33 : pngcheck (2020-f3a397cbf8)

"Previous fix for buffer overrun printing the contents of the sPLT chunk in certain malformed inputs RHBZ1905775 was incomplete; it should be properly fixed now. ---- Security fix for multiple buffer overflows from crafted file input RHBZ1902786,1902806,1902810: no CVE yet assigned, and for buffe...

Fedora 32 : pngcheck (2020-daffd78c3d)

"Previous fix for buffer overrun printing the contents of the sPLT chunk in certain malformed inputs RHBZ1905775 was incomplete; it should be properly fixed now. ---- Security fix for multiple buffer overflows from crafted file input RHBZ1902786,1902806,1902810: no CVE yet assigned, and for buffe...

SUSE SLES15 Security Update : slurm_17_11 (SUSE-SU-2020:3878-1)

This update for slurm1711 fixes the following issues : CVE-2020-27745: Fixed potential buffer overflows from use of unpackmem bsc1178890. CVE-2020-27746: Fixed a potential leak of the magic cookie when sent as an argument to the xauth command bsc1178891. Fixed %posttrans macro resupdate to cope...

Bitdefender Hypervisor Introspection Code Execution Vulnerability

Bidefender Hypervisor Introspection HVI is a software from Bidefender Romania that checks the memory safety of running virtual machines at the Hypervisor layer using the VM self-test APIs of the Xen and KVM hypervisors. The software blocks code execution in abnormal memory by virtualizing the...

Security Bulletin: App Connect Enterprise Certified Container may be vulnerable to buffer overflows, Denial of Service or HTTP request smuggling

Summary App Connect Enterprise Certified Container when running Desginer flows may be vulnerable to Denial of Service via to CVE-2020-8237, HTTP request smuggling via CVE-2020-8201 or buffer overflows via CVE-2020-8252. Vulnerability Details CVEID: CVE-2020-8237 DESCRIPTION: Node.js json-bigint...

p11-kit -- Multiple vulnerabilities

The p11-glue project reports: CVE-2020-29363: Out-of-bounds write in p11rpcbuffergetbytearrayvalue functionA heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the remote entity supplies a serialized byte array in...

SUSE SLES15 Security Update : slurm (SUSE-SU-2020:3505-1)

This update for slurm fixes the following issues : CVE-2020-27745: PMIx - fix potential buffer overflows from use of unpackmem bsc1178890. CVE-2020-27746: X11 forwarding - fix potential leak of the magic cookie when sent as an argument to the xauth command bsc1178891. Note that Tenable Network...

NewStart CGSL CORE 5.05 / MAIN 5.05 : ipmitool Vulnerability (NS-SA-2020-0116)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ipmitool packages installed that are affected by a vulnerability: - It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to...

NewStart CGSL CORE 5.04 / MAIN 5.04 : ipmitool Vulnerability (NS-SA-2020-0077)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ipmitool packages installed that are affected by a vulnerability: - It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to...

Buffer Overflows

Sound eXchange is vulnerable to buffer overflows. Remote attackers could cause overflows using a crafted WAV file via AdpcmReadBlock function...

Integer Overflow

Neovim is vulnerable to integer overflow. The vulnerability existed because it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows...

Denial Of Service (DoS)

Artifex Software GhostScript is vulnerable to denial of service attacks. A remote attacker could cause buffer overflows in tiff12printpage in devices/gdevtfnx.c via a crafted PDF file resulting in denial of service conditions...

Denial Of Service (DoS)

Artifex Software GhostScript is vulnerable to denial of service attacks. A remote attacker could cause buffer overflows in mjcolorcorrect in contrib/japanese/gdevmjc.c via a crafted PDF file resulting in denial of service conditions...

CVE-2020-16289

Artifex Software GhostScript is vulnerable to denial of service attacks. A remote attacker could cause buffer overflows in cifprintpage in devices/gdevcif.c via a crafted PDF file resulting in denial of service conditions...

[ASA-202012-2] cimg: arbitrary code execution

Arch Linux Security Advisory ASA-202012-2 ========================================= Severity: Medium Date : 2020-12-05 CVE-ID : CVE-2020-25693 Package : cimg Type : arbitrary code execution Remote : No Link : https://security.archlinux.org/AVG-1318 Summary ======= The package cimg before version...

CVE-2020-25693

A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in loadpnm can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity...

CVE-2020-25693

A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in loadpnm can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity...

CVE-2020-25693

A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in loadpnm can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity...