Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2018-1426)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for vlc (openSUSE-SU-2019:1840-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2019-16535

In all versions of ClickHouse before 19.14, an OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol...

CVE-2019-16535

ClickHouse vulnerability CVE-2019-16535 affects all versions before 19.14. The root cause is an out-of-bounds read/write and an integer underflow in decompression algorithms used by the native protocol, which can lead to remote code execution or denial of service via the native protocol. Affected...

CVE-2019-16535

In all versions of ClickHouse before 19.14, an OOB read, OOB write and integer underflow in decompression algorithms can be used to achieve RCE or DoS via native protocol...

EulerOS 2.0 SP3 : gdk-pixbuf2 (EulerOS-SA-2019-2585)

According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Integer overflow in io-ico.c in gdk-pixbuf allows context-dependent attackers to cause a denial of service segmentation fault and applicati...

EulerOS 2.0 SP3 : perl (EulerOS-SA-2019-2648)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - 1 cpan/Archive-Tar/bin/ptar, 2 cpan/Archive-Tar/bin/ptardiff, 3 cpan/Archive-Tar/bin/ptargrep, 4 cpan/CPAN/scripts/cpan, 5 cpan/Digest-SHA/shasum,...

Cisco Firepower Threat Defense Software SIP Inspection DoS (cisco-sa-20191002-asa-ftd-sip-dos)

A denial of service DoS vulnerability exists in the Session Initiation Protocol SIP inspection module of Cisco Firepower Threat Defense FTD due to improper parsing of SIP messages. An unauthenticated, remote attacker can exploit this issue by sending a malicious SIP packet to an affected device...

EulerOS 2.0 SP5 : libguestfs-winsupport (EulerOS-SA-2019-2126)

According to the version of the libguestfs-winsupport package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with...

EulerOS 2.0 SP5 : perl (EulerOS-SA-2019-2220)

According to the versions of the perl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Integer underflow in regcomp.c in Perl before 5.20, as used in Apple OS X before 10.10.5 and other products, allows context-dependent attackers to...

EulerOS 2.0 SP3 : libguestfs-winsupport (EulerOS-SA-2019-2253)

According to the version of the libguestfs-winsupport package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with...

CVE-2019-5099

An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...

CVE-2019-5099

An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...

Integer overflow

An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...

CVE-2019-5099

The CVE-2019-5099 issue affects LEADTOOLS 20, specifically the CMP-parsing code. A vulnerability in the CMP data handling can underflow the parsed size when the current data size field is set to 1, leading to a heap buffer overflow during a memmove and potentially enabling code execution. TALOS d...

CVE-2019-5099

An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...

Vulnerability Spotlight: Code execution vulnerabilities in LEADTOOLS

Marcin Towalski and Cory Duplantis of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in the LEADTOOLS line of imaging toolkits. LEADTOOLS is a collection of toolkits designed to perform a variety of functions aimed at...

ntfs-3g: heap-based buffer overflow leads to local root privilege escalation

An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially crafted arguments from a specially crafted directory to cause a heap buffer overflow, resulting in a crash or the ability to execute arbitrary code. In...

LEADTOOLS CMP-parsing code execution vulnerability

Summary An exploitable integer underflow vulnerability exists in the CMP-parsing functionality of LEADTOOLS 20. A specially crafted CMP image file can cause an integer underflow, potentially resulting in code execution. An attacker can specially craft a CMP image to trigger this vulnerability...

Cisco Adaptive Security Appliance Software SIP Inspection DoS (cisco-sa-20191002-asa-ftd-sip-dos)

A denial of service DoS vulnerability exists in the Session Initiation Protocol SIP inspection module of Cisco Adaptive Security Appliance ASA due to improper parsing of SIP messages. An unauthenticated, remote attacker can exploit this issue by sending a malicious SIP packet to an affected devic...