CVE-2019-6208

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may cause unexpected changes in memory shared between processes...

Memory corruption

A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 12.1.3,macOS Mojave 10.14.3,tvOS 12.1.2,watchOS 5.1.3. A malicious application may be able to break out of its sandbox...

CVE-2013-7469

Seafile through 6.2.11 always uses the same Initialization Vector IV with Cipher Block Chaining CBC Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks...

DEBIAN-CVE-2013-7469

Seafile through 6.2.11 always uses the same Initialization Vector IV with Cipher Block Chaining CBC Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks...

UBUNTU-CVE-2013-7469

Seafile through 6.2.11 always uses the same Initialization Vector IV with Cipher Block Chaining CBC Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks...

Fedora 29 : python-markdown2 (2019-095c760511)

python-markdown2 2.3.7 - pull 306 Drop support for legacy Python versions - pull 307 Fix syntax highlighting test cases that depend on Pygments output - pull 308 Add support for Python 3.7 - pull 304 Add Wheel package support - pull 312 Fix tocdepth initialization regression - pull 315 XSS fix No...

Code injection

The seadroid aka Seafile Android Client application through 2.2.13 for Android always uses the same Initialization Vector IV with Cipher Block Chaining CBC Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks...

UBUNTU-CVE-2019-8912

In the Linux kernel through 4.20.11, afalgrelease in crypto/afalg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfssetattr...

Windows Kernel Information Disclosure Vulnerability

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory. To exploit this vulnerability, an authenticated attacker could run a specially crafted application. An attacker who successfully exploited this vulnerability could obtain information t...

Adobe Acrobat Pro DC HTML2PDF HTML Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

Microsoft Windows JET Database Engine Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET databa...

Security update for java-11-openjdk (important)

openSUSE Security Update: Security update for java-11-openjdk Announcement ID: openSUSE-SU-2019:0161-1 Rating: important References: 1120431 1122293 1122299 Cross-References: CVE-2018-11212 CVE-2019-2422 CVE-2019-2426 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilitie...

OMRON CX-Supervisor SCS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...

ALPINE-CVE-2019-7573

SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMSADPCM in audio/SDLwave.c inside the wNumCoef loop...

DEBIAN-CVE-2018-20761

GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gfsmloadinit function in scenemanager.c in libgpacstatic.a...

Ubuntu 18.04 LTS : Linux kernel regression (USN-3871-2)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-3871-2 advisory. USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, that update introduced regressions with docking station displays and...

PT-2019-5614 · Simple Directmedia Layer +6 · Sdl +6

Name of the Vulnerable Software and Affected Versions: SDL Simple DirectMedia Layer versions 1.2.15 and earlier SDL Simple DirectMedia Layer versions 2.0.9 and earlier Description: The issue is related to a heap-based buffer over-read in the InitMS ADPCM function in audio/SDL wave.c, outside the...

USN-3879-2 linux-lts-xenial, linux-aws vulnerabilities

USN-3879-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 file system implementation in the Linux kernel could...

USN-3871-2: Linux kernel regression

USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, that update introduced regressions with docking station displays and mounting ext4 file systems with the metabg option enabled. This update fixes the problems. We apologize for the inconvenience. Original...

Apple iOS, tvOS and macOS Kernel Memory Initialization Vulnerability

Apple iOS is an operating system developed for mobile devices; macOS Sierra, macOS High Sierra, and macOS Mojave are different versions of a specialized operating system developed for Mac computers; tvOS is a smart TV operating system. Kernel is one of the kernel components. A security...