3104 matches found
Debian dla-3830 : libvpx-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3830 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3830-1 [email protected] https://www.debian.org/lts/security/...
Updated aom packages fix security vulnerability
Integer overflow in libaom internal function imgallochelper can lead to heap buffer overflow. This function can be reached via 3 callers: Calling aomimgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and so...
Updated libvpx packages fix security vulnerabilities
There exists integer overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpximaget struct may be invalid. Calling...
CVE-2024-5197
A flaw was found in libvpx. When creating images, libvpx trusts the width, height, and alignment of the user input. However, it does not properly validate the provided values. This flaw allows an attacker to craft user inputs or trick the user into opening crafted files, where these types of valu...
CVE-2024-5197
There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpximaget struct may be invalid. Calling...
AZL-42963 CVE-2024-5197 affecting package libvpx 1.13.1-1
There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpximaget struct may be invalid. Calling...
CVE-2024-5197
There exists interger overflows in libvpx in versions prior to 1.14.1. Calling vpximgalloc with a large value of the dw, dh, or align parameter may result in integer overflows in the calculations of buffer sizes and offsets and some fields of the returned vpximaget struct may be invalid. Calling...
RHEL 5 : libxxf86dga (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXxf86dga: Array Index error leading to heap-based OOB write CVE-2013-2000 - Multiple integer overflows...
RHEL 7 : p11-kit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - p11-kit: out-of-bounds read in p11rpcbuffergetbytearray function in rpc-message.c CVE-2020-29362 - An iss...
RHEL 5 : libxi (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXi: Multiple Array Index error leading to heap-based OOB write CVE-2013-1998 - libXi: Insufficient...
RHEL 7 : libxtst (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXtst: Insufficient validation of server responses result in Integer overflows CVE-2016-7951 - X.org...
RHEL 7 : libjpeg-turbo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libjpeg-turbo: Invalid memory access in the fillinputbuffer function CVE-2017-9614 - libjpeg-turbo: sever...
RHEL 7 : gdk-pixbuf (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gdk-pixbuf: Integer overflows in various pixops functions CVE-2015-8875 - io-tga.c in gdk-pixbuf before...
RHEL 6 : libxtst (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libXtst: Insufficient validation of server responses result in Integer overflows CVE-2016-7951 - X.org...
RHEL 5 : libxext (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libXext: Multiple integer overflows leading to heap-based buffer-overflows CVE-2013-1982 Note that Nessus has not...
RHEL 5 : hardlink (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - hardlink: Multiple integer overflows, when adding string lengths CVE-2011-3631 - Hardlink before 0.1.2...
RHEL 8 : libjpeg-turbo (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libjpeg-turbo: several integer overflows and subsequent segfaults when attempting to compress/decompress...
RHEL 5 : libdmx (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libdmx: Multiple integer overflows leading to heap-based bufer overflows CVE-2013-1992 Note that Nessus has not...
RHEL 5 : libxres (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libXRes: Multiple integer overflows leading to heap-based bufer overflows CVE-2013-1988 Note that Nessus has not...
RHEL 6 : hardlink (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - hardlink: Multiple integer overflows, when adding string lengths CVE-2011-3631 - Hardlink before 0.1.2...