The vulnerability in the multimedia streaming recording mechanism of Firefox browsers, Firefox ESR, and Thunderbird email software, related to improper type checking of data sources, allows attackers to trigger a service failure.

The vulnerability of the multimedia streaming recording mechanism in Firefox web browsers, Firefox ESR, and the Thunderbird email program relates to the issue of recording data as incorrect types. Exploiting this vulnerability allows an attacker to cause service interruptions by changing the type...

Design/Logic Flaw

In GPAC 0.7.1 and earlier, gftextgetutf8line in mediatools/textimport.c in libgpacstatic.a allows an out-of-bounds write because of missing szLineConv bounds checking...

CVE-2018-20763

In GPAC 0.7.1 and earlier, gftextgetutf8line in mediatools/textimport.c in libgpacstatic.a allows an out-of-bounds write because of missing szLineConv bounds checking...

openSUSE: Security Advisory for krb5 (openSUSE-SU-2019:0139-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2018-20763

In GPAC 0.7.1 and earlier, gftextgetutf8line in mediatools/textimport.c in libgpacstatic.a allows an out-of-bounds write because of missing szLineConv bounds checking...

Ubuntu 18.04 LTS : Linux kernel (AWS, GCP, KVM, OEM, Raspberry Pi 2) vulnerabilities (USN-3871-3)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3871-3 advisory. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to...

macOS < 10.14.3 / iOS < 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking

/ Inspired by Ned Williamsons's fuzzer I took a look at the netkey code. keygetsastat handles SADBGETSASTAT messages: It allocates a buffer based on the number of SAs there currently are: bufsize = ipsecsavcount + 1 sizeofsastatssav; KMALLOCWAITsastatssav, typeofsastatssav, bufsize; It the...

VLC (European Commission - DIGIT): VLC 4.0.0 - Stack Buffer Overflow (SEH)

Summary: Incorrect calculation of Buffer Size in rist module for VLC leading to Stack Overflow with SEH chain overwrite. The modules/access/rist module has an incorrect calculation of buffer size giving an attacker the possibility to set the buffer size of a local variable by sending a maliciousl...

Security Bulletin: Vulnerability in GNU C Library (glibc) affects IBM Flex System FC5022 16Gb SAN Scalable Switch (CVE-2016-3075)

Summary A vulnerability in GNU C Library glibc affects IBM Flex System FC5022 16Gb SAN Scalable Switch. IBM Flex System FC5022 16Gb SAN Scalable Switch has addressed the vulnerability. Vulnerability Details Summary A vulnerability in GNU C Library glibc affects IBM Flex System FC5022 16Gb SAN...

Security Bulletin: Vulnerabilities in tcpdump affect IBM Flex System Chassis Management Module (CMM)

Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in tcpdump. Vulnerability Details Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in tcpdump. Vulnerability Details CVEID: CVE-2016-7922 Description: tcpdump is vulnerable t...

Security Bulletin: A vulnerability in openssh affects IBM Flex System Manager (FSM): (CVE-2014-2653)

Summary A security vulnerability has been discovered in openssh that is included in IBM FSM. Vulnerability Details Abstract A security vulnerability has been discovered in openssh that is included in IBM FSM. Content Vulnerability Details: CVE-ID: CVE-2013-2653 Description: OpenSSH could allow a...

macOS 10.14.3 iOS 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving Statistics

macOS 10.14.3 iOS 12.1.3 - Kernel Heap Overflow in PFKEY due to Lack of Bounds Checking when Retrieving Statistics / Inspired by Ned Williamsons's fuzzer I took a look at the netkey code. keygetsastat handles SADBGETSASTAT messages: It allocates a buffer based on the number of SAs there currently...

macOS &lt; 10.14.3 / iOS &lt; 12.1.3 - Kernel Heap Overflow in PF_KEY due to Lack of Bounds Checking when Retrieving Statistics

/ Inspired by Ned Williamsons's fuzzer I took a look at the netkey code. keygetsastat handles SADBGETSASTAT messages: It allocates a buffer based on the number of SAs there currently are: bufsize = ipsecsavcount + 1 sizeofsastatssav; KMALLOCWAITsastatssav, typeofsastatssav, bufsize; It the...

About the security content of watchOS 5.1.3 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

[SECURITY] [DLA 1643-1] krb5 security update

Package : krb5 Version : 1.12.1+dfsg-19+deb8u5 CVE ID : CVE-2018-5729 CVE-2018-5730 CVE-2018-20217 krb5, a MIT Kerberos implementation, had several flaws in LDAP DN checking, which could be used to circumvent a DN containership check by supplying special parameters to some calls. Further an...

Improper Certificate Validation in Apache Airflow

The LDAP auth backend airflow.contrib.auth.backends.ldapauth prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking...

SUSE-SU-2019:0175-1 Security update for krb5

This update for krb5 fixes the following issues: Security issues fixed: - CVE-2018-5729, CVE-2018-5730: Fixed multiple flaws in LDAP DN checking bsc1083926, bsc1083927...

Man-in-the-Middle (MitM)

apache-airflow is vulnerable to man-in-the-middle MitM attack. A misconfiguration and improper exceptions checking in the LDAP authentication backend airflow.contrib.auth.backends.ldapauth disabled server certificate checking, and allowed for man-in-the-middle attacks against clients connecting t...

CVE-2018-20245

The LDAP auth backend airflow.contrib.auth.backends.ldapauth prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking...

Input validation

The LDAP auth backend airflow.contrib.auth.backends.ldapauth prior to Apache Airflow 1.10.1 was misconfigured and contained improper checking of exceptions which disabled server certificate checking...