CVE-2018-13139

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

SUSE-SU-2018:1892-1 Security update for nodejs6

This update for nodejs6 to version 6.14.3 fixes the following issues: The following security vulnerability was addressed: - Fixed a denial of service DoS vulnerability in Buffer.fill, which could hang when being called CVE-2018-7167, bsc1097375. The following other changes were made: - Use absolu...

Stack overflow

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

CVE-2018-13139

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

CVE-2018-13139

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

CVE-2018-13139

A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave...

GNU Binutils Denial of Service Vulnerability (CNVD-2018-13846 )

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

DEBIAN-CVE-2018-13033

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service excessive memory allocation and application crash via a crafted ELF file, as demonstrated by bfdelfparseattributes in elf-attrs.c and bfdmalloc in libbfd.c...

CVE-2018-13012

Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.12 allows the remote attacker to execute unauthorized code by substituting a forged update...

Mozilla Firefox Code Execution Vulnerability (CNVD-2018-13891)

Mozilla Firefox and Firefox ESR are both browser products developed by the Mozilla Foundation in the U.S. Firefox is an open source web browser; Firefox ESR is an extended support version of Firefox. A security vulnerability exists in Mozilla Firefox prior to version 61, Firefox ESR prior to...

AXON PBX DLL Hijacking Vulnerability

AXON PBX is a suite of virtual telephone exchange software for use in business environments. The software is mainly used to manage telephone call centers and implements the functions of a telephone exchange in a software way. A DLL hijacking vulnerability exists in AXON PBX version 2.02, which...

Mozilla Firefox ESR Security Advisories (MFSA2018-15, MFSA2018-17) - 01 - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:firefoxesr";...

mozilla -- multiple vulnerabilities

Mozilla Foundation reports: CVE-2018-12359: Buffer overflow using computed size of canvas element CVE-2018-12360: Use-after-free when using focus CVE-2018-12361: Integer overflow in SwizzleData CVE-2018-12358: Same-origin bypass using service worker and redirection CVE-2018-12362: Integer overflo...

PT-2018-3037 · Microsoft +3 · Windows 10 +5

Name of the Vulnerable Software and Affected Versions: Firefox versions prior to 61 Firefox ESR versions prior to 60.1 Firefox ESR versions prior to 52.9 Thunderbird versions prior to 60 Thunderbird versions prior to 52.9 Description: The issue is related to security setting errors in Firefox,...

KLA11271 Multiple vulnerabilities in Mozilla Firefox and Mozilla Firefox ESR

Multiple serious vulnerabilities have been found in Mozilla Firefox and Mozilla Firefox ESR. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, cause denial of service and obtain sensitive information. Below is a complete list of...

Security Bulletin: Various IBM WebSphere MQ Installers are susceptible to DLL-planting vulnerabilities (CVE-2016-2542 & CVE-2016-4560)

Summary Various IBM WebSphere MQ graphical user interface installers are susceptible to a DLL-planting vulnerability where a malicious DLL, that is present in the Windows search path, could be loaded by the operating system in place of the genuine file. The vulnerability affects Windows executabl...

The vulnerability of the NmAPI.exe executable of the WhatsUp Gold network infrastructure monitoring system allows a perpetrator to gain unauthorized access to the WhatsUp Gold system or execute remote commands.

The vulnerability of the NmAPI.exe executable of the WhatsUp Gold network infrastructure monitoring system is related to insufficient checking of incoming requests. Exploiting this vulnerability can allow a malicious actor to gain unauthorized access to the WhatsUp Gold system, disclose sensitive...

FastStone Image Viewer Denial of Service Vulnerability (CNVD-2018-14265)

FastStone Image Viewer is an image viewer that supports image browsing, format conversion, editing and more. A security vulnerability exists in FastStone Image Viewer version 6.2, which originates from the FSViewer.exe program failing to properly handle malformed JPEG files. An attacker can explo...

FastStone Image Viewer Denial of Service Vulnerability (CNVD-2018-14269)

FastStone Image Viewer is an image viewer that supports image browsing, format conversion, editing and more. A security vulnerability exists in FastStone Image Viewer version 6.2, which originates from the FSViewer.exe program failing to properly handle malformed JPEG files. An attacker can explo...

FastStone Image Viewer Denial of Service Vulnerability (CNVD-2018-12111)

FastStone Image Viewer is an image viewer that supports image browsing, format conversion, editing and more. A security vulnerability exists in FastStone Image Viewer version 6.2, which originates from the FSViewer.exe program failing to properly handle malformed JPEG files. An attacker can explo...