Google Android Qualcomm WLAN Information Disclosure Vulnerability (CNVD-2018-22746)

Android on Google Pixel and Nexus is a Linux-based open source operating system for the Google Pixel and Nexus smartphones developed by Google Inc. and the Open Handset Alliance OHA, with Qualcomm WLAN being one of the components used. Qualcomm WLAN is a wireless LAN component developed by Qualco...

[ASA-201805-16] lib32-libcurl-gnutls: multiple issues

Arch Linux Security Advisory ASA-201805-16 ========================================== Severity: Critical Date : 2018-05-18 CVE-ID : CVE-2018-1000300 CVE-2018-1000301 Package : lib32-libcurl-gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-697 Summary ======= Th...

libgxps gxps-images.c File Stack Buffer Out-of-Bounds Read Vulnerability

libgxps is a library for processing XPS documents based on GObject a C-based framework. A stack buffer out-of-bounds read vulnerability exists in the Glib call to the 'gxpsimagesguesscontenttype' function in the gxps-images.c file in libgxps 0.3.0 and earlier, which stems from the program receivi...

Google Android buffer out-of-bounds read vulnerability (CNVD-2018-10127)

Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA, and Qualcomm MSM8909W is a central processing unit CPU product of Qualcomm. A buffer out-of-bounds read vulnerability exists in the Qualcomm closed-source component in Android...

Google Android buffer out-of-bounds read vulnerability (CNVD-2018-09626)

Android is a Linux-based open-source operating system jointly developed by Google and the Open Handheld Alliance OHA for short, and Qualcomm MDM9206 and other central processing unit CPU products from Qualcomm are used in different platforms. A buffer out-of-bounds read vulnerability exists in th...

Buffer under-read in String#unpack

Stringunpack receives format specifiers as its parameter, and can be specified the position of parsing the data by the specifier @. If a big number is passed with @, the number is treated as the negative value, and out-of-buffer read is occurred. So, if a script accepts an external input as the...

libming 'getName' function heap buffer out-of-bounds read vulnerability (CNVD-2018-05218)

libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. A heap buffer out-of-bounds read vulnerability exists in the 'getName' function of the util/decompile.c file in libming version 0.4.8. An...

libming 'getName' function heap buffer out-of-bounds read vulnerability

libming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, etc. It can be used to output Flash SWF files to the system. A heap buffer out-of-bounds read vulnerability exists in the 'getName' function of the util/decompile.c file in libming version 0.4.8. An...

[slackware-security] ntp

New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: patches/packages/ntp-4.2.8p11-i586-1slack14.2.txz: Upgraded. This release addresses five security issues in ntpd: LOW/MEDIUM: Sec 3012 /...

FreeBSD : ntp -- multiple vulnerabilities (af485ef4-1c58-11e8-8477-d05099c0ae8c)

Network Time Foundation reports : The NTP Project at Network Time Foundation is releasing ntp-4.2.8p11. This release addresses five security issues in ntpd : - LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU961909: Sybil vulnerability: ephemeral association attack - INFO/MEDIUM: Sec 3412 / CVE-2018-718...

ntp -- multiple vulnerabilities

Network Time Foundation reports: The NTP Project at Network Time Foundation is releasing ntp-4.2.8p11. This release addresses five security issues in ntpd: LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU961909: Sybil vulnerability: ephemeral association attack INFO/MEDIUM: Sec 3412 / CVE-2018-7182 /...

FreeXL heap buffer out-of-bounds read vulnerability (CNVD-2018-05154)

FreeXL is an open source library for extracting valid data from Excel .xls spreadsheets developed by software developer Alessandro Furieri. A heap buffer out-of-bounds read vulnerability exists in the 'parseSST' function in versions of FreeXL prior to 1.0.5. An attacker can exploit this...

CVE-2018-1056

An out-of-bounds heap buffer read flaw was found in the way advancecomp handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...

CVE-2018-1056

An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files...

CVE-2018-6767

An out-of-bounds stack buffer read flaw was found in WavPack. This flaw could potentially be used to crash WavPack CLI utilities by tricking them into processing specially crafted WAVE files...

Debian: Security Advisory (DLA-1111-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Red Hat JBoss Enterprise Application Platform RemoteMessageChannel Buffer Read Vulnerability

The Red Hat JBoss Enterprise Application Platform JBoss EAP is a subscription-based, open source Java EE application server runtime platform for building, deploying and hosting highly transactional Java applications and services. An empty buffer read error vulnerability exists in...

ClamAV Buffer Out-of-Bounds Read Vulnerability

ClamAV AntiVirus software is a free and open source antivirus software developed by ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. A security vulnerability exists in ClamAV AntiVirus software, which stems from the program's failure to properly...

Debian: Security Advisory (DLA-883-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Google Android Qualcomm WLAN Information Disclosure Vulnerability

Android on Google Pixel and Nexus is a Linux-based open source operating system for the Google Pixel and Nexus smartphones developed by Google Inc. and the Open Handset Alliance OHA, with Qualcomm WLAN being one of the components used. Qualcomm WLAN is a wireless LAN component developed by Qualco...