4742 matches found

AlpineLinux
added 2020/05/21 3:50 p.m. · 44 views

CVE-2020-13114

An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data...

CVSS 7.5 · AI score 8.3 · EPSS 0.01066
Exploits 0

OSV
added 2020/05/15 6:15 p.m. · 0 views

UBUNTU-CVE-2019-19721

An off-by-one error in the DecodeBlock function in codec/sdlimage.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted image file. NOTE: this may be related to the SDLImage product...

CVSS 7.8 · AI score 7.1 · EPSS 0.01303
Exploits 1 · References 7

Prion
added 2020/05/11 4:15 p.m. · 14 views

Code injection

An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung ID is SVE-2020-16943 (May 2020)...

CVSS 6.8 · AI score 8 · EPSS 0.00063
Exploits 0 · References 1 · Affected Software 1

Veracode
added 2020/05/08 6:5 a.m. · 27 views

Denial Of Service (DoS)

pillow is vulnerable to denial of service. A bounds overflow bug in the PCX decoding allows an attacker to crash the application or potentially execute arbitrary code on the system...

CVSS 5.5 · AI score 5.6 · EPSS 0.00319
Exploits 0 · References 13 · Affected Software 1

Veracode
added 2020/05/08 5:59 a.m. · 30 views

Denial Of Service (DoS)

pillow is vulnerable to denial of service. A buffer overflow bug in the TIFF decoding allows an attacker to crash the application or potentially execute arbitrary code on the system...

CVSS 7.8 · AI score 6 · EPSS 0.0036
Exploits 0 · References 12 · Affected Software 1

OSV
added 2020/04/29 6:3 a.m. · 4 views

OPENSUSE-SU-2020:0562-1 Security update for vlc

This update for vlc fixes the following issues: vlc was updated to version 3.0.9.2: + Misc: Properly bump the version in configure.ac. Changes from version 3.0.9.1: + Misc: Fix VLSub returning 401 for earch request. Changes from version 3.0.9: + Core: Work around busy looping when playing an...

CVSS 9.8 · AI score 7.1 · EPSS 0.03227
Exploits 1 · References 15

OPENSUSE Linux
added 2020/04/23 12:0 a.m. · 96 views

Security update for vlc (moderate)

openSUSE Security Update: Security update for vlc Announcement ID: openSUSE-SU-2020:0545-1 Rating: moderate References: 1142161 1146428 Cross-References: CVE-2019-13602 CVE-2019-13962 CVE-2019-14437 CVE-2019-14438 CVE-2019-14498 CVE-2019-14533 CVE-2019-14534 CVE-2019-14535 CVE-2019-14776...

CVSS 9.8 · AI score 8.3 · EPSS 0.03227
Exploits 1 · References 2

CVE
added 2020/04/16 10:46 a.m. · 58 views

CVE-2019-14019

CVE-2019-14019 involves Qualcomm Snapdragon components across multiple SoCs. The root cause is a read overflows issue due to an improper length check when decoding RAU accept/PDN disconnect Modify EPS/ bearer resource allocations and related requests. The impact is a high/severe condition reporte...

CVSS 9.4 · AI score 9.1 · EPSS 0.00239
Exploits 0 · References 1 · Affected Software 1

CVE
added 2020/04/16 10:46 a.m. · 55 views

CVE-2019-14011

CVE-2019-14011 concerns multiple Read overflow issues caused by improper length checks during decoding of 3G attach accept/SMS/PDN connection reject/esm data transport/bearer modify context reject in Qualcomm Snapdragon lineups (Auto, Compute, IoT, Wearables, etc.) across numerous SoCs and produc...

CVSS 9.4 · AI score 9.1 · EPSS 0.00239
Exploits 0 · References 1 · Affected Software 1

NVD
added 2020/04/15 7:15 p.m. · 21 views

CVE-2019-12524

An issue was discovered in Squid through 4.7. When handling requests from users, Squid checks its rules to see if the request should be denied. Squid by default comes with rules to block access to the Cache Manager, which serves detailed server information meant for the maintainer. This rule is...

CVSS 9.8 · AI score 9.4 · EPSS 0.00549
Exploits 0 · References 5

Positive Technologies
added 2020/04/14 12:0 a.m. · 2 views

PT-2020-6217 · Industrial Light & Magic +5 · Openexr +5

Name of the Vulnerable Software and Affected Versions: OpenEXR versions prior to 2.4.1 Description: The issue is related to an out-of-bounds read during RLE uncompression in the rleUncompress function in ImfRle.cpp. This can potentially allow a remote attacker to cause a denial of service...

CVSS 8.8 · AI score 6.5 · EPSS 0.02756
Exploits 14 · References 140

Veracode
added 2020/04/10 12:48 a.m. · 18 views

Denial Of Service (DoS)

pidgin is vulnerable to denial of service. Multiple NULL pointer dereference flaws were found in the way Pidgin handled Base64 decoding. A remote attacker could use these flaws to crash Pidgin if the target Pidgin user was using the Yahoo! Messenger Protocol, MSN, MySpace, or Extensible Messaging...

CVSS 4 · AI score 1.4 · EPSS 0.01366
Exploits 1 · References 28 · Affected Software 1

Veracode
added 2020/04/10 12:31 a.m. · 20 views

Arbitrary Code Execution

gstreamer-plugins-good is vulnerable to arbitrary code execution. The vulnerability exists as multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mov fil...

CVSS 9.3 · AI score 3.4 · EPSS 0.17875
Exploits 1 · References 20 · Affected Software 1

Veracode
added 2020/04/10 12:29 a.m. · 22 views

Denial Of Service (DoS)

cups is vulnerable to denial of service (DoS). The vulnerability exists as an integer overflow flaw leading to a heap buffer overflow was discovered in the Portable Network Graphics (PNG) decoding routines used by the CUPS image converting filters "imagetops" and "imagetoraster". An attacker could...

CVSS 4.3 · AI score 3.4 · EPSS 0.04164
Exploits 1 · References 27 · Affected Software 1

Veracode
added 2020/04/10 12:20 a.m. · 29 views

Arbitrary Code Execution

cups is vulnerable to arbitrary code execution. The vulnerability exists as a buffer overflow flaw was discovered in the GIF decoding routines used by CUPS image converting filters "imagetops" and "imagetoraster". An attacker could create a malicious GIF file that could possibly execute arbitrary...

CVSS 5.8 · AI score 4.5 · EPSS 0.07511
Exploits 2 · References 28 · Affected Software 1

Microsoft KB
added 2020/04/10 12:0 a.m. · 4 views

Streaming issues that are related to Microsoft Media Foundation in Windows 7

Streaming issues that are related to Microsoft Media Foundation in Windows 7 Symptoms A hotfix is available for Microsoft Media Foundation in Windows 7. This hotfix resolves the following streaming issues that relate to Media Foundation: Issue 1 You cannot stream some audio files to multiple...

AI score 5.9
Exploits 0

RedhatCVE
added 2020/04/09 3:19 a.m. · 37 views

CVE-2019-12529

An issue was discovered in Squid 2.x through 2.7.STABLE9, 3.x through 3.5.28, and 4.x through 4.7. When Squid is configured to use Basic Authentication, the Proxy-Authorization header is parsed via uudecode. uudecode determines how many bytes will be decoded by iterating over the input and checki...

CVSS 5.9 · AI score 2 · EPSS 0.17466
Exploits 0 · References 4

Microsoft KB
added 2020/04/09 12:0 a.m. · 5 views

Windows Photo Viewer prints white lines when you use an XPS driver to print photos in Windows

Windows Photo Viewer prints white lines when you use an XPS driver to print photos in Windows Symptoms Consider the following scenario: You install update 2670838 on a computer that is running Windows 7 or Windows Server 2008 R2. Or, you are using a computer that is running Windows RT, Windows 8,...

AI score 6.3
Exploits 0

CNVD
added 2020/04/08 12:0 a.m. · 1 views

perl-Convert-ASN1 Denial of Service Vulnerability

Perl is a general-purpose, interpreted, dynamic cross-platform programming language from the Perl community. A security vulnerability exists in perl-Convert-ASN1 0.27 and earlier versions, which stems from the program's unsafe decoding of user input. A remote attacker can exploit the vulnerabilit...

CVSS 7.5 · AI score 6.8 · EPSS 0.01057
Exploits 1 · References 1

OSV
added 2020/04/07 6:15 p.m. · 1 views

DEBIAN-CVE-2020-11612

The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder...

CVSS 7.5 · AI score 7 · EPSS 0.04327
Exploits 0 · References 1