4753 matches found
Security update for xorg-x11-server (important)
openSUSE Security Update: Security update for xorg-x11-server Announcement ID: openSUSE-SU-2020:1279-1 Rating: important References: 1174633 1174635 1174638 Cross-References: CVE-2020-14345 CVE-2020-14346 CVE-2020-14347 Affected Products: openSUSE Leap 15.1 An update that fixes three...
MGASA-2020-0350 Updated x11-server packages fix security vulnerabilities
The handler for the XkbSetNames request does not validate the request length before accessing its contents CVE-2020-14345. An integer underflow exists in the handler for the XIChangeHierarchy request CVE-2020-14346. An integer underflow exist in the handler for the XkbSelectEvents request...
Updated x11-server packages fix security vulnerabilities
The handler for the XkbSetNames request does not validate the request length before accessing its contents CVE-2020-14345. An integer underflow exists in the handler for the XIChangeHierarchy request CVE-2020-14346. An integer underflow exist in the handler for the XkbSelectEvents request...
libIEC61850 Integer Overflow Vulnerability
libIEC61850 is an open source GPLv3 implementation of the IEC 61850 client and server libraries. An integer underflow vulnerability exists in versions of libIEC61850 prior to 1.4.3, which can be exploited by an attacker to cause a heap buffer overflow, crash an application, or enable remote code...
CVE-2020-15158
In libIEC61850 before version 1.4.3, when a message with COTP message length field with value 4 is received an integer underflow will happen leading to heap buffer overflow. This can cause an application crash or on some platforms even the execution of remote code. If your application is used in...
CVE-2020-15158
In libIEC61850 before version 1.4.3, when a message with COTP message length field with value 4 is received an integer underflow will happen leading to heap buffer overflow. This can cause an application crash or on some platforms even the execution of remote code. If your application is used in...
Heap overflow
In libIEC61850 before version 1.4.3, when a message with COTP message length field with value 4 is received an integer underflow will happen leading to heap buffer overflow. This can cause an application crash or on some platforms even the execution of remote code. If your application is used in...
CVE-2020-15158
CVE-2020-15158 affects libIEC61850 up to version 1.4.x; when receiving a COTP message with length
CVE-2020-15158 Heap buffer overflow in libIEC61850
In libIEC61850 before version 1.4.3, when a message with COTP message length field with value 4 is received an integer underflow will happen leading to heap buffer overflow. This can cause an application crash or on some platforms even the execution of remote code. If your application is used in...
UBUNTU-CVE-2020-14361
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2020-14361
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2020-14346
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
CVE-2020-14362
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
UBUNTU-CVE-2020-14346
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
UBUNTU-CVE-2020-14362
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
SUSE SLES12 Security Update : xorg-x11-server (SUSE-SU-2020:2325-1)
This update for xorg-x11-server fixes the following issues : CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation bsc1174633, ZDI-CAN-11426. CVE-2020-14346: XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability bsc1174638,...
SUSE SLED15 / SLES15 Security Update : xorg-x11-server (SUSE-SU-2020:2241-1)
This update for xorg-x11-server fixes the following issues : CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation bsc1174633, ZDI-CAN-11426. CVE-2020-14346: XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability bsc1174638,...
SUSE SLED15 / SLES15 Security Update : xorg-x11-server (SUSE-SU-2020:2240-1)
This update for xorg-x11-server fixes the following issues : CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation bsc1174633, ZDI-CAN-11426. CVE-2020-14346: XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability bsc1174638,...
FreeBSD : xorg-server -- Multiple input validation failures in X server extensions (ffa15b3b-e6f6-11ea-8cbf-54e1ad3d6335)
The X.org project reports : All theses issuses can lead to local privileges elevation on systems where the X server is running privileged. The handler for the XkbSetNames request does not validate the request length before accessing its contents. An integer underflow exists in the handler for the...
CVE-2020-17395
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...