SUSE SLES12 Security Update : xen (SUSE-SU-2019:3296-1)

This update for xen fixes the following issues : CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. CVE-2019-19583: Fixed improper...

SUSE SLES12 Security Update : xen (SUSE-SU-2019:3297-1)

This update for xen fixes the following issues : CVE-2019-19581: Fixed a potential out of bounds on 32-bit Arm bsc1158003 XSA-307. CVE-2019-19582: Fixed a potential infinite loop when x86 accesses to bitmaps with a compile time known size of 64 bsc1158003 XSA-307. CVE-2019-19583: Fixed improper...

LEADTOOLS DICOM UI Parsing Code Execution Vulnerability

Summary An exploitable heap out of bounds write vulnerability exists in the UI tag parsing functionality of the DICOM image format of LEADTOOLS 20. A specially crafted DICOM image can cause an offset beyond the bounds of a heap allocation to be written, potentially resulting in code execution. An...

The vulnerability of the microprogramming software of Cisco Small Business RV016, Cisco Small Business RV042, Cisco Small Business RV042G, and Cisco Small Business RV082 allows a hacker to execute arbitrary code.

The vulnerability of the microprogrammed software of Cisco Small Business RV016, Cisco Small Business RV042, Cisco Small Business RV042G, and Cisco Small Business RV082 lies in the recovery of unreliable data structures in memory. Exploiting this vulnerability can allow an attacker operating...

jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes

A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code...

CVE-2019-15918

An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21...

CVE-2017-7558

A kernel data leak due to an out-of-bound read was found in the Linux kernel in inetdiagmsgsctp,laddrfill and sctpgetsctpinfo functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket's diagnostic...

CVE-2010-1488

The procoomscore function in fs/proc/base.c in the Linux kernel before 2.6.34-rc4 uses inappropriate data structures during selection of a candidate for the OOM killer, which might allow local users to cause a denial of service via unspecified patterns of task creation...

EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2019-1861)

According to the versions of the openssl098e package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker...

Design/Logic Flaw

An issue was discovered in the Linux kernel before 5.0.10. SMB2negotiate in fs/cifs/smb2pdu.c has an out-of-bounds read because data structures are incompletely updated after a change from smb30 to smb21...

PT-2019-4682 · Apache +6 · Apache Commons Beanutils +6

Name of the Vulnerable Software and Affected Versions: Apache Commons Beanutils versions prior to 1.9.2 Description: The issue is related to the BeanIntrospector class in Apache Commons Beanutils, which can lead to the restoration of untrusted data structures in memory. This can allow a remote...

CVE-2019-15214

An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c...

Design/Logic Flaw

An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c...

CVE-2019-15214

An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c...

UBUNTU-CVE-2019-15214

An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c...

[SECURITY] Fedora 30 Update: igraph-0.7.1-12.fc30

igraph wants to be an efficient platform for 1 complex network analysis and 2 developing and implementing graph algorithms. It provides flexible and efficient data structures for graphs and related tasks. It also provides implementation to many classic and new graph algorithms like: maximum flows...

Fedora Update for igraph FEDORA-2019-060e7b383c

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

The vulnerability of the Bouncy Castle cryptographic protection mechanism lies in the possibility of recovering unreliable data structures stored in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Bouncy Castle cryptographic protection lies in the recovery of unreliable data structures in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code using a specially created personal key...

Use-After-Free

Linux kernel is vulnerable to use-after-free vulnerability. A local authenticated attacker is able gain privileges via crafted system calls that trigger mishandling of packetfanout data structures leading to a use-after-free flaw. This issue affects an unknown part of the file net/packet/afpacket...

The vulnerability of the Eclipse OpenJ9 virtual machine, related to the restoration of unreliable data structures in memory, allows an attacker to execute arbitrary code.

The vulnerability of the Eclipse OpenJ9 virtual machine is related to the restoration of unreliable data structures in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code...