CVE-2018-14325

In MP4v2 2.0.0, there is an integer underflow with resultant memory corruption when parsing MP4Atom in mp4atom.cpp...

CVE-2018-14325

Removed by vendor...

openssl: Truncated packet could crash via OOB read

An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite...

openssl: Truncated packet could crash via OOB read

An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite...

openssl: Insufficient TLS session ticket HMAC length checks

An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets...

openssl: Insufficient TLS session ticket HMAC length checks

An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets...

openssl: Truncated packet could crash via OOB read

An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite...

CVE-2018-12230

An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin RMC, an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks...

Integer overflow

An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin RMC, an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks...

CVE-2018-12230

An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin RMC, an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks...

PT-2018-3299 · Mutt +5 · Mutt +5

Name of the Vulnerable Software and Affected Versions: Mutt versions prior to 1.10.1 NeoMutt versions prior to 2018-07-16 Description: An issue was discovered in the imap quote string function of the imap/util.c file in Mutt and NeoMutt email clients. The issue is related to an integer underflow...

CVE-2018-5865

While processing a debug log event from firmware in all Android releases from CAF using the Linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur...

Integer overflow

While processing a debug log event from firmware in all Android releases from CAF using the Linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur...

CVE-2018-5865

CVE-2018-5865 affects Qualcomm fwlog in Android CAF/Linux kernel builds prior to the 2018-07-05 patch level. The issue is described as an integer underflow and/or buffer over-read in processing a debug log event, leading to information disclosure (high impact on confidentiality per CVSS3, local, ...

CVE-2018-5865

While processing a debug log event from firmware in all Android releases from CAF using the Linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur...

EulerOS 2.0 SP2 : ruby (EulerOS-SA-2018-1206)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that the tmpdir and tempfile modules did not sanitize their file name argument. An attacker with control over the name could create...

EulerOS 2.0 SP3 : ruby (EulerOS-SA-2018-1207)

According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - It was found that the tmpdir and tempfile modules did not sanitize their file name argument. An attacker with control over the name could create...

An integer underflow could lead to panic

A mistake in error handling in untrusted before 0.6.2 could lead to an integer underflow and panic if a user of the crate didn't properly check for errors returned by untrusted. Combination of these two programming errors one in untrusted and another by user of this crate could lead to a panic an...

RUSTSEC-2018-0001 An integer underflow could lead to panic

A mistake in error handling in untrusted before 0.6.2 could lead to an integer underflow and panic if a user of the crate didn't properly check for errors returned by untrusted. Combination of these two programming errors one in untrusted and another by user of this crate could lead to a panic an...

Security Bulletin:Vulnerabilities in wpa_supplicant may affect PowerKVM (CVE-2015-1863 and CVE-2015-4142)

Summary Vulnerabilities in wpasupplicant may affect PowerKVM CVE-2015-1863 and CVE-2015-4142. These vulnerability are now fixed. Note that although the code exists in PowerKVM, the functionality is not enabled or supported as shipped. Vulnerability Details CVEID: CVE-2015-1863 DESCRIPTION:...