267 matches found
SUSE SLES15 / openSUSE 15 Security Update : podofo (SUSE-SU-2024:3550-1)
The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3550-1 advisory. - CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection bsc1023190 - CVE-2017-6840: Fixed invalid memory read in...
SUSE-SU-2024:3541-1 Security update for podofo
This update for podofo fixes the following issues: - CVE-2015-8981: Fixed heap overflow in the function ReadXRefSubsection bsc1023190 - CVE-2017-6840: Fixed invalid memory read in ColorChanger::GetColorFromStack colorchanger.cpp bsc1027787 - CVE-2017-6841: Fixed NULL pointer dereference in...
SUSE-SU-2024:2302-1 Security update for krb5
This update for krb5 fixes the following issues: - CVE-2024-37370: Fixed confidential GSS krb5 wrap tokens with invalid fields were errouneously accepted bsc1227186. - CVE-2024-37371: Fixed invalid memory read when processing message tokens with invalid length fields bsc1227187...
RHEL 6 : mingw-virt-viewer (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer-plugins-bad-free: Invalid memory read in gstpsdemuxparsepsm CVE-2017-5848 - The...
RHEL 6 : dosfstools (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dosfstools: Heap-buffer-overflows in readfat and getfat functions CVE-2016-4804 - The setfat function in...
RHEL 5 : dosfstools (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dosfstools: Heap-buffer-overflows in readfat and getfat functions CVE-2016-4804 - The setfat function in...
RHEL 7 : dosfstools (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dosfstools: Heap-buffer-overflows in readfat and getfat functions CVE-2016-4804 - The setfat function in...
RHEL 7 : gstreamer-plugins-bad-free (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer-plugins-bad-free: Off-by-one read in gsth264parsesetcaps CVE-2016-9809 - Integer overflow in th...
RHEL 5 : gstreamer-plugins-good (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer-plugins-good: Heap buffer overflow in FLIC decoder CVE-2016-9636 - The qtdemuxtagaddstrfull...
RHEL 7 : pcre (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pcre: stack-based buffer overflow write in pcre32copysubstring CVE-2017-7246 - In PCRE 8.41, the OPKETRMA...
RHEL 7 : gstreamer-plugins-good (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gstreamer-plugins-good: Heap buffer overflow in FLIC decoder CVE-2016-9636 - The gstaacparsesinksetcaps...
Ubuntu 16.04 ESM : WildMIDI vulnerabilities (USN-4807-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4807-1 advisory. It was discovered that WildMIDI incorrectly handled certain MID files. A remote attacker could possibly use this issue to cause a denial of service...
CVE-2023-37556
In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition...
CVE-2023-37545
In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition...
Denial Of Services (DoS)
libming.so is vulnerable to Denial Of Services DoS. The vulnerability exists due to an invalid memory read in the stackVal function of decompile.c, which allows an attacker to cause an application crash...
SUSE CVE-2017-8845
The lzo1xdecompress function in lzo1xd.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service invalid memory read and application crash via a crafted archive...
SUSE CVE-2017-12935
The ReadMNGImage function in coders/png.c in GraphicsMagick 1.3.26 mishandles large MNG images, leading to an invalid memory read in the SetImageColorCallBack function in magick/image.c...
SUSE CVE-2018-12982
Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file...
SUSE CVE-2018-15378
A vulnerability in ClamAV versions prior to 0.100.2 could allow an attacker to cause a denial of service DoS condition. The vulnerability is due to an error related to the MEW unpacker within the "unmew11" function libclamav/mew.c, which can be exploited to trigger an invalid read memory access v...
SUSE CVE-2019-10654
The lzo1xdecompress function in liblzo2.so.2 in LZO 2.10, as used in Long Range Zip aka lrzip 0.631, allows remote attackers to cause a denial of service invalid memory read and application crash via a crafted archive, a different vulnerability than CVE-2017-8845...