CVE-2020-15707

Integer overflows were discovered in the functions grubcmdinitrd and grubinitrdinit in the efilinux component of GRUB2, as shipped in Debian, Red Hat, and Ubuntu the functionality is not included in GRUB2 upstream, leading to a heap-based buffer overflow. These could be triggered by an extremely...

openSUSE: Security Advisory for LibVNCServer (openSUSE-SU-2020:1056-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

OPENSUSE-SU-2020:1056-1 Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock ...

Security update for LibVNCServer (important)

openSUSE Security Update: Security update for LibVNCServer Announcement ID: openSUSE-SU-2020:1056-1 Rating: important References: 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 Cross-References: CVE-2017-18922 CVE-2018-21247 CVE-2019-20839 CVE-2019-20840...

openSUSE Security Update : LibVNCServer (openSUSE-2020-1025)

This update for LibVNCServer fixes the following issues : - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock...

Security update for LibVNCServer (important)

openSUSE Security Update: Security update for LibVNCServer Announcement ID: openSUSE-SU-2020:1025-1 Rating: important References: 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 Cross-References: CVE-2017-18922 CVE-2018-21247 CVE-2019-20839 CVE-2019-20840...

openSUSE Security Update : perl (openSUSE-2020-850)

This update for perl fixes the following issues : - CVE-2020-10543: Fixed a heap buffer overflow in regular expression compiler which could have allowed overwriting of allocated memory with attacker's data bsc1171863. - CVE-2020-10878: Fixed multiple integer overflows which could have allowed the...

Security update for LibVNCServer (important)

openSUSE Security Update: Security update for LibVNCServer Announcement ID: openSUSE-SU-2020:0988-1 Rating: important References: 1173477 1173691 1173694 1173700 1173701 1173743 1173874 1173875 1173876 1173880 Cross-References: CVE-2017-18922 CVE-2018-21247 CVE-2019-20839 CVE-2019-20840...

SUSE SLED15 / SLES15 Security Update : LibVNCServer (SUSE-SU-2020:1922-1)

This update for LibVNCServer fixes the following issues : security update added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock +...

SUSE-SU-2020:1922-1 Security update for LibVNCServer

This update for LibVNCServer fixes the following issues: - security update - added patches fix CVE-2018-21247 bsc1173874, uninitialized memory contents are vulnerable to Information leak + LibVNCServer-CVE-2018-21247.patch fix CVE-2019-20839 bsc1173875, buffer overflow in ConnectClientToUnixSock ...

SUSE SLES12 Security Update : perl (SUSE-SU-2020:1662-1)

This update for perl fixes the following issues : CVE-2020-10543: Fixed a heap buffer overflow in regular expression compiler which could have allowed overwriting of allocated memory with attacker's data bsc1171863. CVE-2020-10878: Fixed multiple integer overflows which could have allowed the...

SUSE SLED15 / SLES15 Security Update : perl (SUSE-SU-2020:1682-1)

This update for perl fixes the following issues : CVE-2020-10543: Fixed a heap buffer overflow in regular expression compiler which could have allowed overwriting of allocated memory with attacker's data bsc1171863. CVE-2020-10878: Fixed multiple integer overflows which could have allowed the...

SUSE SLED15 / SLES15 Security Update : perl (SUSE-SU-2020:1682-2)

This update for perl fixes the following issues : CVE-2020-10543: Fixed a heap buffer overflow in regular expression compiler which could have allowed overwriting of allocated memory with attacker's data bsc1171863. CVE-2020-10878: Fixed multiple integer overflows which could have allowed the...

OPENSUSE-SU-2020:0850-1 Security update for perl

This update for perl fixes the following issues: - CVE-2020-10543: Fixed a heap buffer overflow in regular expression compiler which could have allowed overwriting of allocated memory with attacker's data bsc1171863. - CVE-2020-10878: Fixed multiple integer overflows which could have allowed the...

Design/Logic Flaw

An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. It allows a malleability in ECDSA signatures by not checking overflows in the length of a sequence and '0' characters appended or prepended to an integer. The modified signatures are verified as valid. This could have a...

Security update for perl (important)

openSUSE Security Update: Security update for perl Announcement ID: openSUSE-SU-2020:0850-1 Rating: important References: 1171863 1171864 1171866 1172348 Cross-References: CVE-2020-10543 CVE-2020-10878 CVE-2020-12723 Affected Products: openSUSE Leap 15.1 An update that solves three vulnerabilitie...

CVE-2020-11039

In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled nearly arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0. Mitigation To mitigate this flaw, do not enable USB redirection in the...

DEBIAN-CVE-2020-13822

The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature...

UBUNTU-CVE-2020-13822

The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature...

Integer overflow

The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature...