[SECURITY] [DLA 2197-1] miniupnpc security update

Package : miniupnpc Version : 1.9.20140610-2+deb8u2 CVE ID : CVE-2017-8798 It was discovered that there was a integer signedness error in the miniupnpc UPnP client that could allow remote attackers to cause a denial of service attack. For Debian 8 "Jessie", this problem has been fixed in version...

Denial Of Service (DoS)

kernel is vulnerable to denial of service DoS. The vulnerability exists as an integer signedness error in nextpidmap could allow a local, unprivileged user to cause a denial of service...

Arbitrary Code Execution

openoffice.org is vulnerable to arbitrary code execution. The vulnerability exists as an array index error and an integer signedness error were found in the way OpenOffice.org parsed certain Rich Text Format RTF files. An attacker could use these flaws to create a specially-crafted RTF file that,...

Arbitrary Code Execution

python is vulnerable to arbitrary code execution. An integer signedness error, leading to a buffer overflow, was found in the Python zlib extension module. If a Python application requested the negative byte count be flushed for a decompression stream, it could cause the application to crash or,...

CVE-2019-20561

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. The bootloader has an integer signedness error. The Samsung ID is SVE-2019-15230 October 2019...

Integer overflow

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. The bootloader has an integer signedness error. The Samsung ID is SVE-2019-15230 October 2019...

CVE-2019-20561

An issue was discovered on Samsung mobile devices with N7.x, O8.x, and P9.0 Exynos chipsets software. The bootloader has an integer signedness error. The Samsung ID is SVE-2019-15230 October 2019...

CVE-2019-19945

uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large...

CVE-2019-19945

CVE-2019-19945 affects OpenWrt/uhttpd. A signedness error in uhttpd up to 18.06.5 and 19.x up to 19.07.0-rc2 allows out-of-bounds access to a heap buffer, leading to a crash. The issue can be triggered by a remote HTTP POST to a CGI script with Transfer-Encoding: chunked and a large negative Cont...

CVE-2019-19945

uhttpd in OpenWrt through 18.06.5 and 19.x through 19.07.0-rc2 has an integer signedness error. This leads to out-of-bounds access to a heap buffer and a subsequent crash. It can be triggered with an HTTP POST request to a CGI script, specifying both "Transfer-Encoding: chunked" and a large...

CVE-2017-18350

bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name...

CVE-2017-18350

bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name...

Stack overflow

bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name...

CVE-2017-18350

Affected software: bitcoind and Bitcoin-Qt prior to 0.15.1. Issue: a stack-based buffer overflow caused by a signedness error when a attacker-controlled SOCKS proxy responds with an acknowledgement to an unexpected domain name. Impact details are consistent with the CVE, including a partial avail...

CVE-2017-18350

Removed by vendor...

CVE-2017-18350

bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name...

CVE-2011-0699

Integer signedness error in the btrfsioctlspaceinfo function in the Linux kernel 2.6.37 allows local users to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted slot value...

Integer overflow

Integer signedness error in the btrfsioctlspaceinfo function in the Linux kernel 2.6.37 allows local users to cause a denial of service heap-based buffer overflow or possibly have unspecified other impact via a crafted slot value...

CVE-2019-20427

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between reqcapsulegetsize and tgtbrwwrite leads to a tgtshortio2pages integer...

CVE-2019-20423

In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function targethandleconnect mishandles a certain size value when a client connects to a server, because of an integer...