4742 matches found
CVE-2018-14550
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function gettoken in pnm2png.c in pnm2png...
SUSE-SU-2019:1773-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-11597: Fixed a heap-based buffer over-read in the WriteTIFFImage (bsc#1138464). - Fixed a file content disclosure via SVG and WMF decoding (bsc#1138425)...
openSUSE: Security Advisory for ImageMagick (openSUSE-SU-2019:1683-1)
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : ImageMagick (openSUSE-2019-1683)
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-11597: Fixed a heap-based buffer over-read in the WriteTIFFImage (bsc#1138464). - Fixed a file content disclosure via SVG and WMF decoding (bsc#1138425). - CVE-2019-11472: Fixed a denial of service in ReadXWDImag...
SUSE SLED12 / SLES12 Security Update : ImageMagick (SUSE-SU-2019:1712-1)
This update for ImageMagick fixes the following issues: Security issues fixed: - CVE-2019-11597: Fixed a heap-based buffer over-read in the WriteTIFFImage (bsc#1138464). - Fixed a file content disclosure via SVG and WMF decoding (bsc#1138425). - CVE-2019-11472: Fixed a denial of service in ReadXWDImage...
cockpit: Crash when parsing invalid base64 headers
It was found that cockpit used glib's base64 decode functionality incorrectly, resulting in a denial of service. An unauthenticated attacker could send a specially crafted request with an invalid base64-encoded cookie which could cause the web service to crash...
CVE-2019-6972
An issue was discovered on TP-Link TL-WR1043ND V2 devices. The credentials can be easily decoded and cracked by brute-force, WordList, or Rainbow Table attacks. Specifically, credentials in the "Authorization" cookie are encoded with URL encoding and base64, leading to easy decoding. Also, the...
Design/Logic Flaw
Out of bounds memory read and access due to improper array index validation may lead to unexpected behavior while decoding XTRA file in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...
Ubuntu 18.04 LTS : Exim vulnerability (USN-4010-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4010-1 advisory. It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands. Tenabl...
USN-4009-2 php5 vulnerabilities
USN-4009-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that PHP incorrectly decoded certain MIME headers. A remote attacker could possibly use this issue to cause PHP t...
USN-4010-1 exim4 vulnerability
It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands...
USN-4010-1: Exim vulnerability
It was discovered that Exim incorrectly handled certain decoding operations. A remote attacker could possibly use this issue to execute arbitrary commands...
openSUSE Security Update : GraphicsMagick (openSUSE-2019-1491)
This update for GraphicsMagick fixes the following issues: Changes in GraphicsMagick: - disable also PCL decoding by default, as it is also passed through ghostscript (boo#1136183) (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
OPENSUSE-SU-2019:1507-1 Recommended update for GraphicsMagick
This update for GraphicsMagick fixes the following issues: Changes in GraphicsMagick: - disable also PCL decoding by default, as it is also passed through ghostscript (boo#1136183) This update was imported from the openSUSE:Leap:15.0:Update update project...
OPENSUSE-SU-2019:1491-1 Recommended update for GraphicsMagick
This update for GraphicsMagick fixes the following issues: Changes in GraphicsMagick: - disable also PCL decoding by default, as it is also passed through ghostscript (boo#1136183)...
Libwebp Resource Management Error Vulnerability
Libwebp is a WebP image format encoding and decoding library. A resource management error vulnerability exists in libwebpmux in Libwebp version 0.5.1. The vulnerability arises from mismanagement of system resources (e.g., memory, disk space, files, etc.) by a network system or product. No detailed...
CVE-2018-20008
iBall Baton iB-WRB302N20122017 devices have improper access control over the UART interface, allowing physical attackers to discover Wi-Fi credentials (plain text) and the web-console password (base64) via the debugging console...
Improper Input Validation and Buffer Over-read in mqtt-packet
A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding...
UBUNTU-CVE-2019-10050
A buffer over-read issue was discovered in Suricata 4.1.x before 4.1.4. If the input of the decode-mpls.c function DecodeMPLS is composed only of a packet of source address and destination address plus the correct type field and the right number for shim, an attacker can manipulate the control...