Huawei EulerOS: Security Advisory for libXfont (EulerOS-SA-2019-2357)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : FreeBSD -- Multiple vulnerabilities in bzip2 (3c7edc7a-f680-11e9-a87f-a4badb2f4699)

The decompressor used in bzip2 contains a bug which can lead to an out-of-bounds write when processing a specially crafted bzip21 file. bzip2recover contains a heap use-after-free bug which can be triggered when processing a specially crafted bzip21 file. Impact : An attacker who can cause...

CVE-2017-7773

A heap-based buffer overflow flaw related to "lz4::decompress" src/Decompressor has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

FreeBSD -- Multiple vulnerabilities in bzip2

Problem Description: The decompressor used in bzip2 contains a bug which can lead to an out-of-bounds write when processing a specially crafted bzip21 file. bzip2recover contains a heap use-after-free bug which can be triggered when processing a specially crafted bzip21 file. Impact: An attacker...

FreeBSD-SA-19:18.bzip2

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-19:18.bzip2 Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities in bzip2 Category: contrib Module: bzip2 Announced: 2019-08-06 Affects: All...

CVE-2017-7773

Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor...

DEBIAN-CVE-2017-7773

Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor...

CVE-2017-7773

Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor...

Heap overflow

Heap-based Buffer Overflow write in Graphite2 library in Firefox before 54 in lz4::decompress src/Decompressor...

CVE-2017-7773

CVE-2017-7773 is a Graphite2 heap-based buffer overflow in the lz4::decompress implementation (src/Decompressor) that affects Firefox prior to 54. The issue can cause a crash and, per advisories, may allow arbitrary code execution under certain conditions. Affected products are those using Graphi...

librawspeed: Heap-buffer-overflow in rawspeed::NikonDecompressor::createCurve

Project: https://github.com/darktable-org/rawspeed.git Detailed report: https://oss-fuzz.com/testcase?key=6484242584305664 Project: librawspeed Fuzzer: libFuzzerlibrawspeedTiffDecoderFuzzer-NefDecoder Fuzz target binary: TiffDecoderFuzzer-NefDecoder Job Type: libfuzzerasanlibrawspeed Platform Id:...

graphite2: heap-buffer-overflow write "lz4::decompress" (src/Decompressor)

A heap-based buffer overflow flaw related to "lz4::decompress" src/Decompressor has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

graphite2: heap-buffer-overflow write "lz4::decompress" (src/Decompressor)

A heap-based buffer overflow flaw related to "lz4::decompress" src/Decompressor has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code...

Debian DSA-3540-1 : lhasa - security update

Marcin Noga discovered an integer underflow in Lhasa, a lzh archive decompressor, which might result in the execution of arbitrary code if a malformed archive is processed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

[SECURITY] [DSA 3540-1] lhasa security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3540-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 03, 2016 https://www.debian.org/security/faq -...

DSA-3540-1 lhasa - security update

Bulletin has no description...

Oracle: Security Advisory (ELSA-2014-0861)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

F5 Networks BIG-IP : Multiple LibTIFF vulnerabilities (K16715)

CVE-2013-1960 Heap-based buffer overflow in the t2pprocessjpegstrip function in tiff2pdf in libtiff 4.0.3 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted TIFF image file. CVE-2013-1961 Stack-based buffer overflow in the...

CVE-2010-1444

The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service invalid memory access and application crash or possibly execute arbitrary code via a crafted archive...

CVE-2010-1444

VLC Media Player prior to 1.0.6 is affected by CVE-2010-1444 due to a vulnerability in the ZIP archive decompressor. A crafted ZIP archive can cause a denial of service via invalid memory access and application crash, and may possibly allow arbitrary code execution. The issue affects the ZIP deco...