2839 matches found
UBUNTU-CVE-2020-15106
In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentional...
CVE-2020-15106
In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentional...
OSV-2020-1565 Heap-buffer-overflow in allocate_field
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=24586 Crash type: Heap-buffer-overflow WRITE 8 Crash state: allocate_field pb_dec_string decode_basic_field...
GNU LibreDWG decode_R13_R2000 Buffer Overflow Vulnerability
GNU LibreDWG is a C language library for working with DWG files. A buffer overflow vulnerability exists in decode_R13_R2000 in GNU LibreDWG. A remote attacker can exploit it by supplying a specially crafted file which, when parsed, can lead to arbitrary code execution in the...
SUSE SLED15 / SLES15 Security Update : ffmpeg (SUSE-SU-2019:3184-2)
This update for ffmpeg fixes the following issues : Security issues fixed: CVE-2019-17542: Fixed a heap-buffer overflow in vqa_decode_chunk due to an out-of-array access bsc1154064. CVE-2019-12730: Fixed an uninitialized use of variables due to an improper check bsc1137526. CVE-2019-9718: Fixed a...
IIS-Raid - A Native Backdoor Module For Microsoft IIS (Internet Information Services)
IIS-Raid is a native IIS module that abuses the extensibility of IIS to backdoor the web server and carry out custom actions defined by an attacker. Documentation: When installed, IIS-Raid will process every request and method, check if the X-Password header exists and compare it against the...
CVE-2020-15470
ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c...
OSV-2020-548 Heap-buffer-overflow in acommon::DecodeDirect<unsigned short>::decode
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=16531 Crash type: Heap-buffer-overflow READ 2 Crash state: acommon::DecodeDirect::decode acommon::Convert::convert aspell_speller_suggest...
PT-2020-14437 · FFmpeg · Ffjpeg
Name of the Vulnerable Software and Affected Versions: ffjpeg versions prior to 2020-02-24 Description: The issue is a heap-based buffer overflow in the jfif decode function located in jfif.c. Recommendations: For versions prior to 2020-02-24, update to a version released after 2020-02-24 to...
DEBIAN-CVE-2020-10994
In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file...
DEBIAN-CVE-2020-11538
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311...
UBUNTU-CVE-2020-10994
In libImaging/Jpeg2KDecode.c in Pillow before 7.1.0, there are multiple out-of-bounds reads via a crafted JP2 file...
PYSEC-2020-80
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311...
PYSEC-2020-76
Pillow before 7.1.0 has multiple out-of-bounds reads in libImaging/FliDecode.c...
PT-2020-12675 · Pillow +5 · Pillow +5
Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 7.0.1 Description: The issue exists in the parsing of SGI image files, where a number of out-of-bounds reads are present in the libImaging/SgiRleDecode.c module. Recommendations: For versions prior to 7.0.1, update to...
PT-2020-12049 · Python Imaging Library +2 · Pillow +2
Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 7.1.0; Pillow versions 7.x prior to 7.0.1; Pillow version 6.2.3 and earlier. Description: The issue involves two Buffer Overflows in libImaging/TiffDecode.c. This affects Pillow, where the buffer overflows can occur due ...
PT-2020-12478 · Pillow +2 · Pillow +2
Name of the Vulnerable Software and Affected Versions: Pillow versions prior to 7.1.0 Description: The issue is related to multiple out-of-bounds reads that can occur via a crafted JP2 file in the libImaging/Jpeg2KDecode.c module. Recommendations: For Pillow versions prior to 7.1.0, update to...
ffmpeg:ffmpeg_AV_CODEC_ID_APNG_fuzzer: Heap-buffer-overflow in inflate
Project: https://git.ffmpeg.org/ffmpeg.git Detailed Report: https://oss-fuzz.com/testcase?key=4796622520451072 Project: ffmpeg Fuzzing Engine: honggfuzz Fuzz Target: ffmpeg_AV_CODEC_ID_APNG_fuzzer Job Type: honggfuzz_asan_ffmpeg Platform Id: linux Crash Type: Heap-buffer-overflow READ Crash Address:...
LibVNCServer Buffer Overflow Vulnerability (CNVD-2020-36781)
LibVNCServer is a cross-platform C library that supports the implementation of VNC (Virtual Network Computing) server or client functionality in programs. A security vulnerability exists in the 'hybiReadAndDecode' function in the libvncserver/ws_decode.c file in versions of LibVNCServer prior to...
Multi-stage APT attack drops Cobalt Strike using Malleable C2 feature
This blog post was authored by Hossein Jazi and Jérôme Segura. On June 10, we found a malicious Word document disguised as a resume that uses template injection to drop a .Net Loader. This is the first part of a multi-stage attack that we believe is associated with an APT attack. In the last stage,...