Arbitrary Code Execution

procps is vulnerable to arbitrary code execution attacks. The vulnerability exists as procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. This allows a privilege escalation for a local attacker who can create entries in...

Arbitrary Code Execution

curl is vulnerable to arbitrary code execution attacks. The vulnerability exists as multiple integer overflows in the 1 curlescape, 2 curleasyescape, 3 curlunescape, and 4 curleasyunescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length...

Denial Of Service (DoS)

gegl is vulnerable to denial of service DoS attacks. The vulnerability exists as multiple integer overflows in operations/external/ppm-load.c in GEGL Generic Graphics Library 0.2.0 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a large...

Denial Of Service (DoS)

xorg-x11-apps is vulnerable to denial of service DoS attacks. The vulnerability exists due to multiple integer overflows in X.org libchromeXvMC and libchromeXvMCPro in openChrome 0.3.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors relat...

CVE-2018-6174

Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page...

CVE-2018-6174

Removed by vendor...

CVE-2018-6174

CVE-2018-6174 : An integer overflow in the SwiftShader library used by Google Chrome/Chromium prior to 68.0.3440.75 allows remote code execution via a crafted HTML page. Public notes across connected sources confirm the issue in Chromium/Chrome’s SwiftShader component, with Debian/DSA and Gentoo ...

CVE-2018-6174

Integer overflows in Swiftshader in Google Chrome prior to 68.0.3440.75 potentially allowed a remote attacker to execute arbitrary code via a crafted HTML page...

Debian: Security Advisory (DLA-1631-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES11 Security Update : kvm (SUSE-SU-2018:3987-1)

This update for kvm fixes the following issues : Security issues fixed : CVE-2018-10839: Fixed NE2000 NIC emulation support that is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use...

Debian DSA-4338-1 : qemu - security update

Integer overflows in the processing of packets in network cards emulated by QEMU, a fast processor emulator, could result in denial of service. In addition this update backports support to passthrough the new CPU features added in the intel-microcode update shipped in DSA 4273 to x86-based guests...

Debian: Security Advisory (DSA-4338-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

spice-server security update

0.12.4-16.2 - Prevent potential buffer/integer overflows with invalid MonitorsConfig messages sent from an authenticated client Resolves: CVE-2017-7506 0.12.4-16.1 - Fix flexible array buffer overflow Resolves: rhbz1596008...

EulerOS Virtualization 2.5.0 : procps-ng (EulerOS-SA-2018-1340)

According to the versions of the procps-ng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory...

openSUSE: Security Advisory for exiv2 (openSUSE-SU-2018:3306-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for exiv2 (moderate)

This update for exiv2 fixes the following issues: exiv2 was updated to latest 0.26 branch, fixing bugs and security issues: - CVE-2018-12264, CVE-2018-12265: Integer overflows in the LoaderExifJpeg class could lead to memory corruption bsc1097599...

CVE-2018-18438

Qemu has integer overflows because IOReadHandler and its associated functions use a signed integer data type for a size value...

CVE-2018-16070

Integer overflows in Skia in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

RHEL 6 : procps (RHSA-2018:2268)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2268 advisory. The procps packages contain a set of system utilities that provide system information. The procps packages include the following utilities:...

Important: Red Hat Security Advisory: procps security update

An update for procps is now available for Red Hat Enterprise Linux 6.6 Advanced Update Support and Red Hat Enterprise Linux 6.6 Telco Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...