322 matches found
CVE-2016-4293
The CVE-2016-4293 vulnerability affects Hancom Office 2014 VP. It occurs in Hangul Hcell documents when parsing 0x088e records in the Workbook stream: the 0x088e structure exposes table_style_length and pivot_style_length fields (at offsets 0x10 and 0x12) that are used to copy strings into the CB...
CentOS 7 : openjpeg (CESA-2017:0838)
An update for openjpeg is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
CentOS Update for openjpeg CESA-2017:0838 centos7
Check the version of openjpeg SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882686";...
CVE-2017-5337
CVE-2017-5337 is a GnuTLS vulnerability involving multiple heap-based buffer overflows in read_attribute triggered by crafted OpenPGP certificates. Affected versions are GnuTLS builds before 3.3.26 and 3.5.x before 3.5.8. The connected materials confirm the root cause as heap overflows in read_at...
Amazon Linux AMI : openjpeg (ALAS-2017-807)
Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. CVE-2016-5139 , CVE-2016-5158 , CVE-2016-5159 , CVE-2016-7163 A...
Medium: openjpeg
Issue Overview: Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an application using OpenJPEG to crash or, potentially, execute arbitrary code. CVE-2016-5139, CVE-2016-5158, CVE-2016-5159, CVE-2016-716...
RHEL 6 : openjpeg (RHSA-2017:0559)
An update for openjpeg is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
CVE-2016-5805
CVE-2016-5805 concerns heap-based buffer overflow flaws in Delta Electronics PLC software: WPLSoft (versions before V2.42.11), ISPSoft (before 3.02.11), and PMSoft (before 2.10.10). Exploitation could allow arbitrary code execution or denial of service by parsing of DVP/LAD/other file formats, as...
VMware Workstation Player Multiple Code Execution Vulnerabilities (Feb 2017) - Windows
VMware Workstation Player is prone to multiple code execution vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2017-5337
Multiple heap-based buffer overflows in the readattribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate...
[SECURITY] [DSA 3753-1] libvncserver security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3753-1 [email protected] https://www.debian.org/security/ Sebastien Delafond January 05, 2017 https://www.debian.org/security/faq -...
Debian Security Advisory DSA 3753-1 (libvncserver - security update)
It was discovered that libvncserver, a collection of libraries used to implement VNC/RFB clients and servers, incorrectly processed incoming network packets. This resulted in several heap-based buffer overflows, allowing a rogue server to either cause a DoS by crashing the client, or potentially...
CVE-2016-9675
A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an application using OpenJPEG, could cause heap-based buffer overflows leading to a crash or possible code execution...
CVE-2016-7167
Multiple integer overflow flaws leading to heap-based buffer overflows were found in the way curl handled escaping and unescaping of data. An attacker could potentially use these flaws to crash an application using libcurl by sending a specially crafted input to the affected libcurl functions...
CVE-2016-5154
Multiple heap-based buffer overflows in PDFium, as used in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allow remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted JBig2 image...
SUSE-SU-2016:2174-1 Security update for Linux Kernel Live Patch 0 for SLE 12 SP1
This update for the Linux Kernel 3.12.49-11 fixes several issues. The following security bugs were fixed: - CVE-2016-6480: Race condition in the ioctlsendfib function in drivers/scsi/aacraid/commctrl.c in the Linux kernel allowed local users to cause a denial of service out-of-bounds access or...
CVE-2016-5829
Multiple heap-based buffer overflows in the hiddevioctlusage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted 1 HIDIOCGUSAGES or 2 HIDIOCSUSAGES ioctl call...
CVE-2016-5829
Multiple heap-based buffer overflows in the hiddevioctlusage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted 1 HIDIOCGUSAGES or 2 HIDIOCSUSAGES ioctl call...
lib32-flashplugin: multiple issues
CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4137, CVE-2016-4141, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154,...
flashplugin: multiple issues
CVE-2016-4122, CVE-2016-4123, CVE-2016-4124, CVE-2016-4125, CVE-2016-4127, CVE-2016-4128, CVE-2016-4129, CVE-2016-4130, CVE-2016-4131, CVE-2016-4132, CVE-2016-4133, CVE-2016-4134, CVE-2016-4137, CVE-2016-4141, CVE-2016-4150, CVE-2016-4151, CVE-2016-4152, CVE-2016-4153, CVE-2016-4154,...