Integer overflow

TensorFlow is an end-to-end open source platform for machine learning. In affected versions the implementation of tf.rawops.QuantizeAndDequantizeV4Grad is vulnerable to an integer overflow issue caused by converting a signed integer value to an unsigned one and then allocating memory based on thi...

SUSE-SU-2021:0594-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2020-36242: Using the Fernet class to symmetrically encrypt multi gigabyte values could result in an integer overflow and buffer overflow bsc1182066...

OPENSUSE-SU-2020:1840-1 Security update for tiff

This update for tiff fixes the following issues: - CVE-2019-14973: Fixed an improper check which was depended on the compiler which could have led to integer overflow bsc1146608. This update was imported from the SUSE:SLE-15:Update update project...

OPENSUSE-SU-2020:0624-1 Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: - CVE-2019-15690: Fixed a heap buffer overflow bsc1160471. - CVE-2019-15681: Fixed a memory leak which could have allowed to a remote attacker to read stack memory bsc1155419. - CVE-2019-20788: Fixed a integer overflow and heap-based buffer...

PT-2019-5886 · Oniguruma +5 · Oniguruma +5

Name of the Vulnerable Software and Affected Versions: Oniguruma versions 6.x through 6.9.4 rc2 Description: The issue is related to an integer overflow in the search in range function, which can lead to an out-of-bounds read. The offset of this read is under the control of an attacker, allowing...

CVE-2015-5297

An integer overflow issue has been reported in the generalcompositerect function in pixman prior to version 0.32.8. An attacker could exploit this issue to cause an application using pixman to crash or, potentially, execute arbitrary code...

SUSE-SU-2019:0215-1 Security update for python3

This update for python3 fixes the following issues: Security issue fixed: - CVE-2019-5010: Fixed a denial-of-service vulnerability in the X509 certificate parser bsc1122191 - CVE-2018-20406: Fixed a integer overflow via a large LONGBINPUT bsc1120644...

SUSE-SU-2018:1334-2 Security update for MozillaFirefox

This update for MozillaFirefox to the ESR 52.8 release fixes the following issues: Mozil to Firefox ESR 52.8 bsc1092548 Security issues fixed: - MFSA 2018-12/CVE-2018-5159: Integer overflow and out-of-bounds write in Skia - MFSA 2018-12/CVE-2018-5158: Malicious PDF can inject JavaScript into PDF...

CVE-2017-9188

libautotrace.a in AutoTrace 0.31.1 has a "left shift ... cannot be represented in type int" issue in input-bmp.c:516:63...

SUSE-SU-2017:1284-1 Security update for Linux Kernel Live Patch 7 for SLE 12 SP1

This update for the Linux Kernel 3.12.62-6062 fixes several issues. The following security bugs were fixed: - CVE-2017-7308: The packetsetring function in net/packet/afpacket.c in the Linux kernel did not properly validate certain block-size data, which allowed local users to cause a denial of...

CVE-2014-9667

sfnt/ttload.c in FreeType before 2.5.4 proceeds with offset+length calculations without restricting the values, which allows remote attackers to cause a denial of service integer overflow and out-of-bounds read or possibly have unspecified other impact via a crafted SFNT table...

Debian Security Advisory DSA 2930-1 (chromium-browser - security update)

Several vulnerabilties have been discovered in the chromium web browser. CVE-2014-1740 Collin Payne discovered a use-after-free issue in chromium's WebSockets implementation. CVE-2014-1741 John Butler discovered multiple integer overflow issues in the Blink/Webkit document object model...

Debian: Security Advisory (DSA-2930-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2009-0148

Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via long strings in input such as 1 source-code tokens and 2 pathnames, related to integer overflows in some cases. NOTE: this issue exists because of an incomplete fix for CVE-2004-2541...

MPlayer 1.0 - AVIHeader.C Heap Buffer Overflow

MPlayer 1.0 - AVIHeader.C Heap Buffer Overflow source: https://www.securityfocus.com/bid/25648/info MPlayer is prone to a heap-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input data. Attackers can exploit this issue to execute arbitrar...

DSA-601-1 libgd1 - integer overflow

Bulletin has no description...

linux kernel ip_setsockopt integer overflow

Integer overflow on MCASTMSFILTER option processing...

[SECURITY] [DSA 440-1] New Linux 2.4.17 packages fix several local root exploits (powerpc/apus)

-------------------------------------------------------------------------- Debian Security Advisory DSA 440-1 [email protected] http://www.debian.org/security/ Martin Schulze February 18th, 2004 http://www.debian.org/security/faq -...

CVE-2003-0028

Integer overflow in the xdrmemgetbytes function, and possibly other functions, of XDR external data representation libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different...

CVE-2002-0639

Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication ChallengeResponseAuthentication when OpenSSH is using SKEY or BSDAUTH authentication...