Cisco Adaptive Security Appliance Software SIP Inspection DoS (cisco-sa-20191002-asa-ftd-sip-dos)

A denial of service DoS vulnerability exists in the Session Initiation Protocol SIP inspection module of Cisco Adaptive Security Appliance ASA due to improper parsing of SIP messages. An unauthenticated, remote attacker can exploit this issue by sending a malicious SIP packet to an affected devic...

Low: exiv2

Issue Overview: An integer underflow, leading to heap-based out-of-bound read, was found in the way Exiv2 library prints IPTC Photo Metadata embedded in an image. By persuading a victim to open a crafted image, a remote attacker could crash the application or possibly retrieve a portion of...

Google Android Information Disclosure Vulnerability (CNVD-2019-36406)

Android is a Linux-based open source operating system jointly developed by Google Inc. and the Open Handheld Alliance OHA for short. An information disclosure vulnerability exists in Google Android 7.1.1, 7.1.2, 8.0, 8.1, 9, and 10. The vulnerability stems from an out-of-bounds read issue caused ...

CVE-2019-2187

In nfcncifdecoderfparams of nfcncif.cc, there is a possible out of bounds read due to an integer underflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.1.1...

CVE-2019-2187

In nfcncifdecoderfparams of nfcncif.cc, there is a possible out of bounds read due to an integer underflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-7.1.1...

CVE-2019-2187

CVE-2019-2187 affects Android where an out-of-bounds read can occur in nfc_ncif_decode_rf_params in nfc_ncif.cc due to an integer underflow, enabling local information disclosure without user interaction. Affected Android versions include 7.1.1, 7.1.2, 8.0, 8.1, 9, and 10. The Red Hat and CVE rec...

CVE-2016-6302

An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets...

CVE-2019-12678

A vulnerability in the Session Initiation Protocol SIP inspection module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The...

CVE-2019-12678

A vulnerability in the Session Initiation Protocol SIP inspection module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The...

CVE-2019-12678 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SIP Inspection Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol SIP inspection module of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The...

Interpeak IPnet TCP/IP Stack (Update E)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION : Exploitable remotely/low attack complexity/public exploits are available Vendor : ENEA, Green Hills Software, ITRON, IP Infusion, Wind River Equipment : OSE by ENEA, INTEGRITY RTOS by Green Hills Software, ITRON, ZebOS by IP Infusion, and...

EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2019-1861)

According to the versions of the openssl098e package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An integer underflow flaw, leading to a buffer overflow, was found in the way OpenSSL decoded malformed Base64-encoded inputs. An attacker...

Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

KLA11761 Multiple vulnerabilities in VLC media player

Multiple vulnerabilities were found in VLC media player. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Integer Underflow vulnerability can be exploited to cause a denial of service; 2. Heap-based buffer over-read...

Security update for schismtracker (important)

openSUSE Security Update: Security update for schismtracker Announcement ID: openSUSE-SU-2019:2019-1 Rating: important References: 1144261 1144266 Cross-References: CVE-2019-14523 CVE-2019-14524 Affected Products: openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that fixes two...

OPENSUSE-SU-2019:2019-1 Security update for schismtracker

This update for schismtracker fixes the following issues: The following security issues were fixed: - CVE-2019-14523: Fixed an integer underflow in the Amiga Oktalyzer parser boo1144266. - CVE-2019-14524: Fixed a heap overflow in the MTM loader boo1144261. The following non-security issues were...

CVE-2018-20989

An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic...

CVE-2018-20989

An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic...

Integer overflow

An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic...