CVE-2018-8781

The udlfbmmap function in drivers/gpu/drm/udl/udlfb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code...

CVE-2018-8781

The udlfbmmap function in drivers/gpu/drm/udl/udlfb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code...

Undefined Behavior Through Integer Overflow

libarchive.so is vulnerable to undefined behavior through integer overflow. The vulnerability is possible due to not properly handling timet value of m, allowing the attacker to pass malicious .mtree file...

Debian: Security Advisory (DLA-1329-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2018:0813-1 Security update for nginx

This update for nginx to version 1.13.9 fixes the following issues: - CVE-2017-7529: nginx: Integer overflow in nginx range filter module allowed memory disclosure bsc1048265 This update also contains all updates and improvements in 1.13.9 upstream release...

CVE-2017-15862

In all Qualcomm products with Android releases from CAF using the Linux kernel, in wmaunifiedlinkradiostatseventhandler, the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow vulnerability followed by a buffer overflow...

CVE-2017-15343

Huawei AR3200 Series Enterprise Router models running V200R006C10/V200R006C11/V200R007C00/V200R007C01/V200R007C02/V200R008C00/V200R008C10/V200R008C20/V200R008C30 are affected by an integer overflow vulnerability in SCTP message field validation. A remote, unauthenticated attacker could send a cra...

CVE-2017-17184

CVE-2017-17184 affects Huawei DP300/RP200/V600R006/TE30/TE40/TE50/TE60 etc. affected components: SOAP handling with insufficient input validation leading to an integer overflow when processing malformed SOAP packets by an authenticated, remote attacker; potential to reset a process (partial avail...

CVE-2017-17184

Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have an integer overflow vulnerability. Due to insufficient input validation, an...

Debian: Security Advisory (DLA-1084-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20180125)

Security Fixes : - An integer overflow vulnerability in ip6find1stfragopt function was found. A local attacker that has privileges of CAPNETRAW to open raw socket can cause an infinite loop inside the ip6find1stfragopt function. CVE-2017-7542, Moderate - The IPv6 fragmentation implementation in t...

CVE-2018-5727

In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opjt1encodecblks function openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp file...

Debian: Security Advisory (DLA-891-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Blender BKE_curve_bevelList_make Integer Overflow Code Execution Vulnerability

Summary An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygons. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...

OPENSUSE-SU-2017:2893-1 Security update for SDL2

This update for SDL2 fixes the following issues: - CVE-2017-2888: An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

SUSE-SU-2017:2649-1 Security update for openjpeg2

This update for openjpeg2 fixes several issues. These security issues were fixed: - CVE-2016-10507: Integer overflow vulnerability in the bmp24toimage function allowed remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted bmp file bsc1056421...

InsideSecure MatrixSSL x509 certificate General Names Information Disclosure Vulnerability(CVE-2017-2782)

Summary An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerability, a...

RedHat Update for glibc RHSA-2017:1916-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-2820

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To...