EUVD-2019-14878

Malware in sbrugna...

CVE-2019-5273

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a deni...

RHEL 4 : perl (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - perl: File::Temp insecure temporary file handling CVE-2011-4116 - perl: heap buffer overrun flaw may lead...

A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible.

...

SUSE CVE-2020-19609

Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiffexpandcolormap function when parsing TIFF files allowing attackers to cause a denial of service...

Fix of CVE: CVE-2020-10543

CVE-2020-10543: fix signed integer overflow leading to heap buffer overrun...

CVE-2019-5273

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a deni...

CVE-2019-5273

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a deni...

Heap overflow

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a deni...

CVE-2019-5273

The Huawei USG9500 hardening advisory confirms CVE-2019-5273 is a denial-of-service vulnerability in the X.509 certificate handling. Affected products are USG9500 with V500R001C30 and V500R001C60. The root cause is a flaw in X.509 processing that can trigger a large heap buffer overrun when decod...

CVE-2019-5273

USG9500 with versions of V500R001C30;V500R001C60 have a denial of service vulnerability. Due to a flaw in the X.509 implementation in the affected products which can result in a large heap buffer overrun error, an attacker may exploit the vulnerability by a malicious certificate, resulting a deni...

Security Advisory - Multiple Vulnerabilities in the X.509 Implementation in Some Huawei Products

There is a denial of service vulnerability in some Huawei products. Due to a flaw in the X.509 implementation in the affected products which can result in a heap buffer overflow when decoding a certificate, an attacker may exploit the vulnerability by a malicious certificate to perform a denial o...

[ASA-201711-11] libcurl-gnutls: information disclosure

Arch Linux Security Advisory ASA-201711-11 ========================================== Severity: Medium Date : 2017-11-02 CVE-ID : CVE-2017-1000257 Package : libcurl-gnutls Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-462 Summary ======= The package...

[ASA-201711-9] lib32-libcurl-gnutls: information disclosure

Arch Linux Security Advisory ASA-201711-9 ========================================= Severity: Medium Date : 2017-11-02 CVE-ID : CVE-2017-1000257 Package : lib32-libcurl-gnutls Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-464 Summary ======= The package...

[ASA-201711-7] lib32-curl: information disclosure

Arch Linux Security Advisory ASA-201711-7 ========================================= Severity: Medium Date : 2017-11-02 CVE-ID : CVE-2017-1000257 Package : lib32-curl Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-466 Summary ======= The package lib32-curl...

Panasonic FPWIN Pro OPNISAMX Heap Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Panasonic FPWIN Pro. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within parsing of...

Gentoo Security Advisory GLSA 201502-14

Gentoo Linux Local Security Checks GLSA 201502-14 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

libpng security vulnerabilities

Few integer overflows lead to heap buffer overrun...

grep: Denial of service

Background grep is the GNU regular expression matcher. Description A heap buffer overrun has been fixed in the bmexectrans function in kwset.c. Impact A local user can cause Denial of Service. Workaround There is no known workaround at this time. Resolution All grep users should upgrade to the...

openSUSE Security Update : grep (openSUSE-2015-121)

grep was updated to fix one security issue. This security issue was fixed : - Heap buffer overrun with a carefully crafted combination of input and regexp CVE-2015-1345. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from...