CVE-2017-9832

An integer overflow vulnerability in ptp-pack.c ptpunpackOPL function of libmtp version 1.1.12 and below allows attackers to cause a denial of service out-of-bounds memory access or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3312-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3312-1 advisory. It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the...

SUSE-SU-2017:1313-1 Security update for libxslt

This update for libxslt fixes the following issues: - CVE-2017-5029: The xsltAddTextString function in transform.c lacked a check for integer overflow during a size calculation, which allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page bsc1035905. -...

Fedora 24 : libnl3 (2017-7a5363b41d)

lib: check for integer overflow in nlmsgreserve rh1440788, rh1440789, CVE-2017-0553 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible witho...

MGASA-2017-0125 Updated libxslt packages fix security vulnerability

Holger Fuhrmannek discovered an integer overflow in the xsltAddTextString function in Libxslt. An attacker could use this to craft a malicious document that, when opened, could cause a denial of service application crash or possible execute arbitrary code CVE-2017-5029...

Integer overflow

Artifex jbig2dec 0.13, as used in Ghostscript, allows out-of-bounds writes because of an integer overflow in the jbig2buildhuffmantable function in jbig2huffman.c during operations on a crafted JBIG2 file, leading to a denial of service application crash or possibly execution of arbitrary code...

RedHat Update for glibc RHSA-2017:0680-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GNU C Library Integer Overflow Vulnerability

The GNU C Library a.k.a. glibc, libc6 is an open-source, free C language compiler released under the LGPL license. An integer overflow vulnerability exists in versions of GNU C Library prior to 2.21, which can be exploited by an attacker to cause a denial of service crash or possibly execute...

Fedora 24 : 2:qemu (2017-12394e2cc7)

CVE-2016-6836: vmxnet: Information leakage in vmxnet3completepacket bz 1366370 - CVE-2016-7909: pcnet: Infinite loop in pcnetrdraaddr bz 1381196 - CVE-2016-7994: virtio-gpu: memory leak in resourcecreate2d bz 1382667 - CVE-2016-8577: 9pfs: host memory leakage in v9fsread bz 1383286 -...

[SECURITY] [DLA 786-1] botan1.10 security update

Package : botan1.10 Version : 1.10.5-1+deb7u2 CVE ID : CVE-2016-9132 It was discovered that there was an integer overflow vulnerability in botan, a cryptography library. This could occur while parsing untrusted inputs such as X.509 certificates. For Debian 7 "Wheezy", this problem has been fixed ...

CVE-2016-7163

Integer overflow in the opjpicreatedecode function in pi.c in OpenJPEG allows remote attackers to execute arbitrary code via a crafted JP2 file, which triggers an out-of-bounds read or write...

PHP SPL Extended Integer Overflow Vulnerability

PHP PHP: Hypertext Preprocessor is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community.SPL Standard PHP Library is a collection of interfaces and class extensions for solving typical problems. SPL Standard PHP Library is an extensio...

Debian Security Advisory DSA 3630-1 (libgd2 - security update)

Secunia Research at Flexera Software discovered an integer overflow vulnerability within the gdContributionsAlloc function in libgd2, a library for programmatic graphics creation and manipulation. A remote attacker can take advantage of this flaw to cause a denial-of-service against an applicatio...

SUSE-SU-2016:1457-1 Security update for cyrus-imapd

Previous versions of cyrus-imapd would not allow its users to disable old protocols like SSLv1 and SSLv2 that are unsafe due to various known attacks like BEAST and POODLE. https://bugzilla.cyrusimap.org/showbug.cgi?id=3867 remedies this issue by adding the configuration option 'tlsversions' to...

openSUSE: Security Advisory for libotr, libotr2 (openSUSE-SU-2016:0732-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Update : libotr / libotr2 (openSUSE-2016-322)

libotr and libotr2 were updated to fix one security issue : - CVE-2016-2851: Integer overflow vulnerability allowed remote attackers to execute arbitrary code on 64 bit platforms boo969785 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

openSUSE: Security Advisory for libotr, libotr2 (openSUSE-SU-2016:0708-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-3512-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2015:2402-1 Security update for flash-player

This update for flash-player fixes the following issues: - CVE-2015-8644: Type confusion vulnerability that could lead to code execution. - CVE-2015-8651: Integer overflow vulnerability that could lead to code execution. - CVE-2015-8634, CVE-2015-8635, CVE-2015-8638, CVE-2015-8639, CVE-2015-8640,...

SUSE-SU-2015:1787-1 Security update for gtk2

gtk2 was updated to fix two security issues. These security issues were fixed: - CVE-2015-4491: Integer overflow in the makefiltertable function in pixops/pixops.c in gdk-pixbuf before 2.31.5, allowed remote attackers to execute arbitrary code or cause a denial of service heap-based buffer overfl...