
1012 matches found

NVD
added 2019/12/24 10:15 p.m. | 9 views

CVE-2019-19958

In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service...

CVSS 6.5 | AI score 6.4 | EPSS 0.00433
Exploits: 1 | References: 1
Prion
added 2019/12/24 10:15 p.m. | 8 views

Integer overflow

In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/string_utilities.c has an integer signedness issue that could lead to an attempted excessive memory allocation and denial of service...

CVSS 4.3 | AI score 6.4 | EPSS 0.00433
Exploits: 1 | References: 1 | Affected Software: 1
CVE
added 2019/12/24 9:58 p.m. | 57 views

CVE-2019-19958

In CVE-2019-19958, the affected component is libIEC61850 1.4.0, specifically StringUtils_createStringFromBuffer in common/string_utilities.c. A signedness issue in integer handling could allow an under/over-approximation during buffer processing, potentially triggering an excessive memory allocat...

CVSS 6.5 | AI score 6.3 | EPSS 0.00433
Exploits: 1 | References: 1 | Affected Software: 1
NVD
added 2019/12/23 3:15 a.m. | 15 views

CVE-2019-19930

In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation...

CVSS 6.5 | AI score 6.5 | EPSS 0.00436
Exploits: 1 | References: 1
OSV
added 2019/12/23 3:15 a.m. | 8 views

CVE-2019-19930

In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation...

CVSS 6.5 | AI score 6.8
Exploits: 0 | References: 1
CVE
added 2019/12/23 2:2 a.m. | 107 views

CVE-2019-19930

libIEC61850 1.4.0 contains an integer signedness error in MmsValue_newOctetString (mms/iso_mms/common/mms_value.c) that can trigger an excessive memory allocation. Publicly reported across multiple sources (NVD, Red Hat, OSV, CNVD, CVE listing) with the same description, the flaw may result in a ...

CVSS 6.5 | AI score 6.4 | EPSS 0.00436
Exploits: 1 | References: 1 | Affected Software: 1
Cvelist
added 2019/12/23 2:2 a.m. | 17 views

CVE-2019-19930

In libIEC61850 1.4.0, MmsValue_newOctetString in mms/iso_mms/common/mms_value.c has an integer signedness error that can lead to an attempted excessive memory allocation...

AI score 6.5 | EPSS 0.00436
Exploits: 1 | References: 1
OpenVAS
added 2019/11/27 12:0 a.m. | 14 views

Debian: Security Advisory (DLA-2010-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 7.8 | EPSS 0.09005
Exploits: 0 | References: 3
Tenable Nessus
added 2019/11/27 12:0 a.m. | 38 views

Debian DLA-2011-1 : xmlrpc-epi security update

An issue in xmlrpc-epi, an XML-RPC request serialisation/deserialisation library, has been found. An integer signedness error in the simplestring_addn function in simplestring.c in xmlrpc-epi could be used for a heap based buffer overflow and possibly execution of arbitrary code. For Debian 8...

CVSS 9.8 | AI score 8.3 | EPSS 0.13001
Exploits: 1 | References: 3
Debian
added 2019/11/26 9:29 p.m. | 52 views

[SECURITY] [DLA 2010-1] bsdiff security update

Package : bsdiff Version : 4.3-15+deb8u1 CVE ID : CVE-2014-9862 An issue in bsdiff, a tool to generate/apply a patch between two binary files, has been found. Using a crafted patch file an integer signedness error in bspatch could be used for a heap based buffer overflow and possibly execution of...

CVSS 7.8 | AI score 8.1 | EPSS 0.09005
Exploits: 0
Tenable Nessus
added 2019/05/14 12:0 a.m. | 45 views

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1531)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the...

CVSS 8.1 | AI score 7.3 | EPSS 0.12777
Exploits: 18 | References: 21
Veracode
added 2019/05/02 5:20 a.m. | 27 views

Sandbox Restrictions Bypass

The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. An out-of-bounds write flaw was found in the JPEG image format decoder in the AWT component in OpenJDK. A specially crafted JPEG image could cause a Java application to...

CVSS 5.9 | AI score 6.7 | EPSS 0.09896
Exploits: 0 | References: 29 | Affected Software: 5
Veracode
added 2019/05/02 5:12 a.m. | 34 views

Heap-Based Buffer Overflow

FreeType is a free, high-quality, portable font engine that can open and manage font files. It also loads, hints, and renders individual glyphs efficiently. Multiple integer overflow flaws and an integer signedness flaw, leading to heap-based buffer overflows, were found in the way FreeType handl...

CVSS 7.5 | AI score 8.7 | EPSS 0.04649
Exploits: 13 | References: 14 | Affected Software: 1
Veracode
added 2019/05/02 4:52 a.m. | 43 views

Remote Code Execution (RCE)

php is vulnerable to remote code execution. An integer signedness issue, leading to a heap-based buffer underflow, was found in the PHP scandir function. If a remote attacker could upload an excessively large number of files to a directory the scandir function runs on, it could cause the PHP...

CVSS 10 | AI score 7.4 | EPSS 0.32676
Exploits: 1 | References: 24 | Affected Software: 2
OSV
added 2019/03/28 5:29 p.m. | 1 views

DEBIAN-CVE-2019-7251

An Integer Signedness issue for a return code in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation...

CVSS 6.5 | AI score 6.7 | EPSS 0.04411
Exploits: 0 | References: 1
NVD
added 2019/03/28 5:29 p.m. | 9 views

CVE-2019-7251

An Integer Signedness issue for a return code in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation...

CVSS 6.5 | AI score 6.1 | EPSS 0.04411
Exploits: 0 | References: 2
OSV
added 2019/03/28 5:29 p.m. | 10 views

CVE-2019-7251

An Integer Signedness issue for a return code in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation...

CVSS 6.5 | AI score 6.3
Exploits: 0 | References: 2
OSV
added 2019/03/28 5:29 p.m. | 1 views

ALPINE-CVE-2019-7251

An Integer Signedness issue for a return code in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation...

CVSS 6.5 | AI score 6.7 | EPSS 0.04411
Exploits: 0 | References: 1
OSV
added 2019/03/28 5:29 p.m. | 1 views

UBUNTU-CVE-2019-7251

An Integer Signedness issue for a return code in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation...

CVSS 6.5 | AI score 6.6 | EPSS 0.04411
Exploits: 0 | References: 3
UbuntuCve
added 2019/03/28 5:29 p.m. | 21 views

CVE-2019-7251

An Integer Signedness issue for a return code in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation...

CVSS 6.5 | AI score 6.7 | EPSS 0.04411
Exploits: 0 | References: 2