68 matches found
Huawei EulerOS: Security Advisory for icu (EulerOS-SA-2019-2248)
The remote host is missing an update for the Huawei EulerOS...
The vulnerability of the VNC Repeater component of the LibVNC library, which allows a hacker to disclose protected information
The vulnerability of the VNC Repeater component in the client library LibVNC is related to initialization errors. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...
CVE-2018-20433
c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization...
GHSA-Q485-J897-QC27 XML External Entity Reference in mchange:c3p0
c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization...
XML External Entity Reference in c3p0:c3p0
c3p0 allows XXE during initialization...
CVE-2018-20022
LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple CWE-665 (Improper Initialization) weaknesses in VNC client code that allow an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak...
CVE-2018-20023
LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains a CWE-665 (Improper Initialization) vulnerability in VNC Repeater client code that allows an attacker to read stack memory and can be abused for information disclosure. Combined with another vulnerability, it can be used to leak stack memor...
Kernel Memory Initialization Vulnerability in Multiple Apple Products (CNVD-2018-22362)
Apple iOS is an operating system developed for mobile devices, tvOS is a smart TV operating system, and watchOS is a smart watch operating system. kernel is one of the kernel components. A security vulnerability exists in the Kernel component of several Apple products. The vulnerability can be...
CVE-2018-14647
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming...
CVE-2018-10811
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable...
SELA Buffer Error Vulnerability
SELA aka SimplE Lossless Audio is a lossless audio encoder/decoder. A stack buffer overflow vulnerability exists in the 'initapev2keys' function in the core/apev2.c file in SELA version 0.1.2-alpha. A detailed vulnerability description is not available at this time...
Libav h264_slice_init function denial of service vulnerability
Libav is an open source set of cross-platform audio and video processing tools and libraries, providing for conversion, manipulation and streaming of various multimedia formats and protocols. A denial of service vulnerability exists in the h264_slice_init function in libavcodec/h264_slice.c in Lib...
CVE-2016-9436
parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a tag...
Debian Security Advisory DSA 3636-1 (collectd - security update)
Emilien Gaspar discovered that collectd, a statistics collection and monitoring daemon, incorrectly processed incoming network packets. This resulted in a heap overflow, allowing a remote attacker to either cause a DoS via application crash, or potentially execute arbitrary code. Additionally,...
[SECURITY] [DSA 3636-1] collectd security update
Debian Security Advisory DSA-3636-1 https://www.debian.org/security/ Sebastien Delafond July 30, 2016 https://www.debian.org/security/faq...
DLA-575-1 collectd - security update
Bulletin has no description...
Lexmark Printer Race Condition Vulnerability
Lexmark printer is a printer product from Lexmark, USA. A race condition vulnerability exists in the initialization process of the Lexmark printer. A remote attacker can bypass authentication via incorrect detection of security-jumper state...
FreeBSD : net-snmp -- snmp_pdu_parse() function incomplete initialization (381183e8-3798-11e5-9970-14dae9d210b8)
Qinghao Tang reports: Incompletely initialized vulnerability exists in the function 'snmp_pdu_parse' of 'snmp_api.c', and remote attackers can cause memory leak, DOS and possible command executions by sending malicious packets...