librawspeed: Crash in void rawspeed::Cr2Decompressor::decodeN_X_Y<2, 1, 1>

Project: https://github.com/darktable-org/rawspeed.git Detailed report: https://oss-fuzz.com/testcase?key=6718927029665792 Project: librawspeed Fuzzer: afllibrawspeedFiffParserFuzzer-GetDecoder-Decode Fuzz target binary: FiffParserFuzzer-GetDecoder-Decode Job Type: aflasanlibrawspeed Platform Id:...

SUSE SLES12 Security Update : freeradius-server (SUSE-SU-2017:2243-1)

This update for freeradius fixes the following issues: Security issues fixed : - CVE-2017-10988: Decode 'signed' attributes correctly. bnc1049086 - CVE-2017-10987: Check for option overflowing the packet. bnc1049086 - CVE-2017-10985: Fix infinite loop and memory exhaustion with 'concat' attribute...

CVE-2017-12940

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function...

DEBIAN-CVE-2017-12940

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function...

Out-of-bounds

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function...

CVE-2017-12940

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function...

UBUNTU-CVE-2017-12940

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function...

CVE-2017-12940

CVE-2017-12940 affects libunrar.a in UnRAR prior to 5.5.7, with an out-of-bounds read in the EncodeFileName::Decode call inside Archive::ReadHeader15. Connected advisories confirm this was addressed in UnRAR 5.6.1, which fixes the out-of-bounds read alongside other related CVEs (12938, 12941, 129...

CVE-2017-12940

libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function...

AZL-69695 CVE-2017-12596 affecting package OpenEXR 2.3.0-6

In OpenEXR 2.2.0, a crafted image causes a heap-based buffer over-read in the hufDecode function in IlmImf/ImfHuf.cpp during exrmaketiled execution; it may result in denial of service or possibly unspecified other impact...

freeradius: Out-of-bounds read in fr_dhcp_decode() when decoding option 63

An out-of-bounds read flaw was found in the way FreeRADIUS server handled decoding of DHCP packets. A remote attacker could use this flaw to crash the FreeRADIUS server by sending a specially crafted DHCP request...

FFmpeg 'libavcodec/dnxhddec.c' Denial of Service Vulnerability

FFmpeg is a free program that performs recording, transferring and streaming of audio and video in various formats. A security vulnerability in the processing of DNxHD files by the FFmpeg libavcodec/dnxhddec.c/dnxhddecodeheader function allows an attacker to exploit the vulnerability by submittin...

Pythem - Penetration Testing Framework

pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. The tool intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this tool, for more informatio...

ALPINE-CVE-2017-11719

The dnxhddecodeheader function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a crafted DNxHD file...

DEBIAN-CVE-2017-11719

The dnxhddecodeheader function in libavcodec/dnxhddec.c in FFmpeg 3.0 through 3.3.2 allows remote attackers to cause a denial of service out-of-array access or possibly have unspecified other impact via a crafted DNxHD file...

DEBIAN-CVE-2017-11434

The dhcpdecode function in slirp/bootp.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service out-of-bounds read and QEMU process crash via a crafted DHCP options string...

FreeRADIUS 'fr_dhcp_decode()' function memory leak vulnerability

FreeRADIUS is a set of software that implements the RADIUS protocol from the FreeRADIUS Server project. The software is mainly used for account authentication management, bookkeeping management and Internet account management, etc. and contains a Radius server, a client library for BSD protocol...

FreeRADIUS 'fr_dhcp_decode_options()' function buffer out-of-bounds read vulnerability

FreeRADIUS is a set of software that implements the RADIUS protocol from the FreeRADIUS Server project. The software is mainly used for account authentication management, bookkeeping management and Internet account management, etc. and contains a Radius server, a client library for BSD protocol...

DEBIAN-CVE-2017-10980

An FR-GV-203 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in decodetlv" and a denial of service...

UBUNTU-CVE-2017-10981

An FR-GV-204 issue in FreeRADIUS 2.x before 2.2.10 allows "DHCP - Memory leak in frdhcpdecode" and a denial of service...