OPENSUSE-SU-2021:2827-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. bsc1189521...

SUSE-SU-2021:2827-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. bsc1189521...

SUSE-SU-2021:2826-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. bsc1189521...

SUSE-SU-2021:2825-1 Security update for openssl

This update for openssl fixes the following security issue: - CVE-2021-3712: a bug in the code for printing certificate details could lead to a buffer overrun that a malicious actor could exploit to crash the application, causing a denial-of-service attack. bsc1189521...

Security update for openssl-1_0_0 (important)

openSUSE Security Update: Security update for openssl-100 Announcement ID: openSUSE-SU-2021:2827-1 Rating: important References: 1189521 Cross-References: CVE-2021-3712 CVSS scores: CVE-2021-3712 SUSE: 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Affected Products: openSUSE Leap 15.3 An updat...

Debian DSA-4963-1 : openssl - security update

The remote Debian 10 / 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-4963 advisory. Multiple vulnerabilities have been discovered in OpenSSL, a Secure Sockets Layer toolkit. CVE-2021-3711 John Ouyang reported a buffer overflow vulnerability ...

OpenSSL 1.0.2 < 1.0.2za Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.0.2za. It is, therefore, affected by a vulnerability as referenced in the 1.0.2za advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a...

CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

Ubuntu 18.04 LTS / 20.04 LTS : OpenSSL vulnerabilities (USN-5051-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5051-1 advisory. John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2 data. A remote attacker could use this issue to cause applications usi...

UBUNTU-CVE-2021-3712

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

Vulnerability in OpenSSL - Read buffer overruns processing ASN.1 strings

ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL 0 byte...

The vulnerability of Firefox ESR, Firefox, and the email client Thunderbird relates to the issue of operations outside the buffer during the conversion of UTF-8 strings to Unicode. This allows an attacker to execute arbitrary code.

The vulnerability of Firefox ESR, Firefox, and the email client Thunderbird is related to the issue of operations going beyond the buffer boundaries during the conversion from UTF-8 to Unicode. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

The vulnerability of the Adobe Framemaker desktop publishing system, related to writing beyond the buffer boundaries in memory, allows a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the writing of code beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user...

PYSEC-2021-776

TensorFlow is an end-to-end open source platform for machine learning. In affected versions due to incomplete validation in MKL implementation of requantization, an attacker can trigger undefined behavior via binding a reference to a null pointer or can access data outside the bounds of heap...

CLSA-2021-1628782974 Fix of CVE: CVE-2020-8450, CVE-2020-8517, CVE-2020-8449

CVE-2020-8449: fix improper HTTP request validation allowing access to resources which are prohibited by security filters - CVE-2020-8450: fix incorrect buffer managment leading to buffer overflow - CVE-2020-8517: fix incorrect input validation allowing writing outside of buffer and leading to...

The vulnerability of the Adobe Framemaker desktop publishing system arises from the possibility of an operation going beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Adobe Framemaker desktop publishing system lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code on the target system remotely...

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to writing beyond the buffer in memory. This allows attackers to perform arbitrary operations.

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, are related to writing beyond the buffer boundaries in memory. Exploiting these vulnerabilities can allow a malicious actor to...

The vulnerability of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat, and Adobe Acrobat Reader lies in the possibility of an out-of-buffer operation, allowing attackers to execute arbitrary code in the context of the current user.

The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2019, and Adobe Acrobat Reader 2019 is related to the execution of operations beyond the buffer in memory. Exploiting this vulnerability could allow a...

The vulnerability of the implementation of syntactic analysis for DWF format files in the Autodesk Design Review software allows a perpetrator to execute arbitrary code.

The vulnerability of the syntax analysis implementation for DWF file formats in the Autodesk Design Review software relates to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to execute arbitrary code by opening malicious...