Fedora 26 : zsh (2018-9cdf18a850)

avoid crash when copying empty hash table CVE-2018-7549 - avoid NULL dereference when using $PA... on an empty array CVE-2018-7548 - fix buffer overrun in xsymlinks CVE-2017-18206 - fix NULL dereference in cd CVE-2017-18205 Note that Tenable Network Security has extracted the preceding...

The vulnerability of the Microsoft Office software package and the Microsoft Outlook email client arises from an operation that goes beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Microsoft Office software and the Microsoft Outlook email client arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser, caused by an operation that goes beyond the buffer in memory, allows attackers to execute arbitrary code.

The vulnerability of the JavaScript script handler ChakraCore in the Microsoft Edge browser is caused by an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Internet Explorer browser arises from an operation that goes beyond the buffer in memory, allowing a malicious actor to trigger a service failure or execute arbitrary code.

The vulnerability of the Internet Explorer browser arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code or cause a service failure by using a specially crafted web page...

Vulnerabilities of software for web conferencing solutions such as WebEx Extension, ActiveTouch General Plugin Container, GpcContainer Class ActiveX, WebEx Meeting Center, and Download Manager ActiveX Control. These vulnerabilities arise from operations that go beyond the buffer limits in memory, allowing attackers to execute arbitrary code with elevated privileges.

The vulnerabilities of the software for web conferencing solutions such as WebEx Extension, ActiveTouch General Plugin Container, GPCContainer Class ActiveX, WebEx Meeting Center, and DownloadManager ActiveX Control stem from operations that go beyond the buffer limits in memory. Exploiting these...

The vulnerability in Internet Explorer arises from an operation that goes beyond the buffer boundaries in memory, allowing a malicious actor to execute arbitrary code and trigger a denial-of-service attack.

The vulnerability of the Internet Explorer browser arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code and cause a service failure by using a specially crafted web page...

FreeBSD : e2fsprogs -- potential buffer overrun bugs in the blkid library and in the fsck program (2aa9967c-27e0-11e8-9ae1-080027ac955c)

Theodore Y. Ts'o reports : Fixed some potential buffer overrun bugs in the blkid library and in the fsck program. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the FreeBSD VuXML database : Copyright 2003-2019 Jacques Vidrine and...

Scientific Linux Security Update : kernel on SL7.x x86_64 (20180306)

Security Fixes : - Kernel: KVM: MMU potential stack buffer overrun during page walks CVE-2017-12188, Important - Kernel: KVM: debug exception via syscall emulation CVE-2017-7518, Moderate C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if...

e2fsprogs -- potential buffer overrun bugs in the blkid library and in the fsck program

Theodore Y. Ts'o reports: Fixed some potential buffer overrun bugs in the blkid library and in the fsck program...

RHEL 7 : kernel-rt (RHSA-2018:0412)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0412 advisory. - Kernel: KVM: debug exception via syscall emulation CVE-2017-7518 - Kernel: KVM: MMU potential stack buffer overrun during page walks...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

An update for kernel-rt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

The vulnerability of the initDecoder function in the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the initDecoder function /media/libstagefright/codecs/hevcdec/SoftHEVC.cpp in the Android operating system is related to writing data beyond the buffer into memory. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code within the context of a...

The vulnerability in the messageAddArgument function of the Clam Antivirus protection library allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability in the AddArgument function of the Clam Antivirus protection tool arises from an operation that goes beyond the buffer boundaries in memory during message processing. Exploiting this vulnerability allows a remote attacker to cause service failures or execute arbitrary code using...

Delta Industrial Automation DOPSoft DPA File ListTotalSize Stack-based Buffer Overrun Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Delta Industrial Automation DOPSoft. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

The vulnerability of the editor for mathematical formulas and equations in the Microsoft Word text editor, as well as in the Microsoft Office suite of programs and the Microsoft Office Compatibility Pack, allows a perpetrator to execute arbitrary code.

The vulnerability of the editor for mathematical formulas and equations in the Microsoft Word text editor, as well as in the Microsoft Office suite of programs and the Microsoft Office Compatibility Pack, arises due to an operation that goes beyond the buffer in memory. Exploiting this...

The vulnerability of the editor for mathematical formulas and equations in the Microsoft Word text editor, as well as in the Microsoft Office suite of programs and the Microsoft Office Compatibility Pack, allows a perpetrator to execute arbitrary code.

The vulnerability of the editor for mathematical formulas and equations in the Microsoft Word text editor, as well as in the Microsoft Office suite of programs and the Microsoft Office Compatibility Pack, arises from an operation that goes beyond the buffer boundaries in memory. Exploiting this...

The vulnerability affects the editor for mathematical formulas and equations in the Microsoft Word text editor, as well as the Microsoft Office suite of programs and the Microsoft Office Compatibility Pack. This vulnerability allows a perpetrator to execute arbitrary code.

The vulnerability of the editor for mathematical formulas and equations in the Microsoft Word text editor, as well as in the Microsoft Office suite of programs and the Microsoft Office Compatibility Pack, arises due to an operation that goes beyond the buffer in memory. Exploiting this...

The vulnerability of the editor for mathematical formulas and equations in the Microsoft Word text editor, as well as in the Microsoft Office suite of programs and the Microsoft Office Compatibility Pack, allows a perpetrator to execute arbitrary code.

The vulnerability of the editor for mathematical formulas and equations in the Microsoft Word text editor, as well as in the Microsoft Office suite of programs and the Microsoft Office Compatibility Pack, arises due to an operation that goes beyond the buffer in memory. Exploiting this...

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird are caused by an operation that goes beyond the buffer boundaries in memory, allowing an attacker to trigger a service failure.

The vulnerabilities of Mozilla Firefox, Firefox ESR, and the email client Thunderbird arise from an operation that goes beyond the buffer boundaries in memory when reading certificates from the disk. Exploiting these vulnerabilities can allow a malicious actor to cause service failures using...