Lucene search
+L

322 matches found

OSV
OSV
added 2015/01/03 12:0 a.m.29 views

DLA-128-1 sox - security update

Bulletin has no description...

7.5CVSS5.3AI score0.07709EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2014/12/31 10:59 p.m.27 views

CVE-2014-8145

Multiple heap-based buffer overflows in Sound eXchange SoX 14.4.1 and earlier allow remote attackers to have unspecified impact via a crafted WAV file to the 1 startread or 2 AdpcmReadBlock function...

7.5CVSS6.7AI score0.07709EPSS
Exploits1References1
OSV
OSV
added 2014/12/31 12:28 p.m.9 views

MGASA-2014-0562 Updated unzip package fixes security vulnerabilities

Updated unzip package fix security vulnerabilities: The unzip command line tool is affected by heap-based buffer overflows within the CRC32 verification CVE-2014-8139, the testcompreb CVE-2014-8140 and the getZip64Data CVE-2014-8141 functions. The input errors may result in arbitrary code...

7.8CVSS7.1AI score0.07388EPSS
Exploits0References7
Mageia
Mageia
added 2014/12/31 12:28 p.m.44 views

Updated sox packages fix CVE-2014-8145

Updated sox packages fix security vulnerability: The sox command line tool is affected by two heap-based buffer overflows, respectively located in functions startread and AdpcmReadBlock. A specially crafted wav file can be used to trigger the vulnerabilities CVE-2014-8145...

7.5CVSS6.7AI score0.07709EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2014/12/29 12:0 a.m.38 views

Debian DSA-3113-1 : unzip - security update

Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the CRC32 verification function CVE-2014-8139 , the testcompreb function CVE-2014-8140 and the getZip64Data function...

7.8CVSS7.6AI score0.07388EPSS
Exploits0References9
Debian
Debian
added 2014/12/28 7:2 p.m.43 views

[SECURITY] [DLA 124-1] unzip security update

Package : unzip Version : 6.0-4+deb6u1 CVE ID : CVE-2014-8139 CVE-2014-8140 CVE-2014-8141 Debian Bug : 773722 Michele Spagnuolo of the Google Security Team discovered that unzip, an extraction utility for archives compressed in .zip format, is affected by heap-based buffer overflows within the...

7.8CVSS8.2AI score0.07388EPSS
Exploits0
OSV
OSV
added 2014/12/28 12:0 a.m.29 views

DLA-124-1 unzip - security update

Bulletin has no description...

7.8CVSS7.9AI score0.07388EPSS
Exploits0
OpenVAS
OpenVAS
added 2014/12/27 12:0 a.m.28 views

Debian: Security Advisory (DSA-3113-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.1AI score0.07388EPSS
Exploits0References3
NVD
NVD
added 2014/12/26 8:59 p.m.19 views

CVE-2010-1441

Multiple heap-based buffer overflows in VideoLAN VLC media player before 1.0.6 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted byte stream to the 1 A/52, 2 DTS, or 3 MPEG Audio decoder...

7.5CVSS7.8AI score0.0338EPSS
Exploits0References2
Debian
Debian
added 2014/12/23 4:56 p.m.59 views

[SECURITY] [DSA 3112-1] sox security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3112-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso December 23, 2014 http://www.debian.org/security/faq -...

7.5CVSS6.7AI score0.07709EPSS
Exploits1
OpenVAS
OpenVAS
added 2014/12/23 12:0 a.m.22 views

Debian Security Advisory DSA 3112-1 (sox - security update)

Michele Spagnuolo of the Google Security Team discovered two heap-based buffer overflows in SoX, the Swiss Army knife of sound processing programs. A specially crafted wav file could cause an application using SoX to crash or, possibly, execute arbitrary code. OpenVAS Vulnerability Test $Id:...

7.5CVSS5.8AI score0.07709EPSS
Exploits1References1
securityvulns
securityvulns
added 2014/12/23 12:0 a.m.65 views

[oCERT-2014-010] SoX input sanitization errors

2014-010 SoX input sanitization errors Description: The SoX project is an open source tool for sound processing. The sox command line tool is affected by two heap-based buffer overflows, respectively located in functions startread and AdpcmReadBlock. A specially crafted wav file can be used to...

7.5CVSS0.2AI score0.07709EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/12/19 12:0 a.m.40 views

Scientific Linux Security Update : jasper on SL6.x, SL7.x i386/x86_64 (20141218)

Multiple off-by-one flaws, leading to heap-based buffer overflows, were found in the way JasPer decoded JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code. CVE-2014-9029 A heap-based buffer overflow flaw was found ...

7.5CVSS7.5AI score0.18501EPSS
Exploits0References4
NVD
NVD
added 2014/10/20 5:55 p.m.15 views

CVE-2014-3564

Multiple heap-based buffer overflows in the statushandler function in 1 engine-gpgsm.c and 2 engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to "different line lengths in a specific order."...

6.8CVSS7.5AI score0.04289EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2014/10/12 12:0 a.m.49 views

Amazon Linux AMI : httpd24 (ALAS-2014-389)

A race condition flaw, leading to heap-based buffer overflows, was found in the modstatus httpd module. A remote attacker able to access a status page served by modstatus on a server using a threaded Multi-Processing Module MPM could send a specially crafted request that would cause the httpd chi...

6.8CVSS7.6AI score0.85744EPSS
Exploits5References4
Tenable Nessus
Tenable Nessus
added 2014/10/10 12:0 a.m.36 views

F5 Networks BIG-IP : icclib vulnerabilities (SOL9990)

Multiple integer overflow flaws which could lead to heap-based buffer overflows, as well as multiple insufficient input validation flaws, were found in Ghostscript's International Color Consortium Format library icclib. Using specially crafted ICC profiles, an attacker could create a malicious...

9.3CVSS5.5AI score0.04708EPSS
Exploits1References3
RedHat Linux
RedHat Linux
added 2014/08/06 3:6 p.m.69 views

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.3.0 update

Updated Red Hat JBoss Enterprise Application Platform 6.3.0 packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having Important security impact. Common...

6.8CVSS7AI score0.85744EPSS
Exploits5References47
Tenable Nessus
Tenable Nessus
added 2014/07/31 12:0 a.m.50 views

Mandriva Linux Security Advisory : apache (MDVSA-2014:142)

Updated apache package fixes security vulnerabilities : A race condition flaw, leading to heap-based buffer overflows, was found in the modstatus httpd module. A remote attacker able to access a status page served by modstatus on a server using a threaded Multi-Processing Module MPM could send a...

6.8CVSS7.7AI score0.85744EPSS
Exploits5References4
Amazon
Amazon
added 2014/07/31 12:0 a.m.93 views

Important: httpd24

Issue Overview: A race condition flaw, leading to heap-based buffer overflows, was found in the modstatus httpd module. A remote attacker able to access a status page served by modstatus on a server using a threaded Multi-Processing Module MPM could send a specially crafted request that would cau...

6.8CVSS8.4AI score0.85744EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2014/07/24 12:0 a.m.300 views

CentOS 5 / 6 : httpd (CESA-2014:0920)

Updated httpd packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, a...

6.8CVSS7.7AI score0.85744EPSS
Exploits5References5
Rows per page
Query Builder