1177 matches found

Tenable Nessus
added 2023/01/12 12:0 a.m., 35 views

Oracle Linux 8 : libtiff (ELSA-2023-0095)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0095 advisory. - Resolves: CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-2953 - Fix CVE-2022-2867 2118857 - Fix CVE-2022-2868 2118882 - Fix CVE-2022-2869 2118878...

6.5 CVSS, 6.7 AI score, 0.01035 EPSS
Exploits: 7, References: 11

Tenable Nessus
added 2023/01/12 12:0 a.m., 34 views

RHEL 8 : libtiff (RHSA-2023:0095)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0095 advisory. The libtiff packages contain a library of functions for manipulating Tagged Image File Format TIFF files. Security Fixes: LibTiff: DoS from...

6.5 CVSS, 6.7 AI score, 0.01035 EPSS
Exploits: 7, References: 21

Mageia
added 2022/11/08 7:44 p.m., 143 views

Updated libtiff packages fix security vulnerability

There is a double free or corruption in rotateImage at tiffcrop.c:8839 found in libtiff 4.4.0rc1. CVE-2022-2519 A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage at tiffcrop.c:8621 that can cause program crash when reading a crafted input. CVE-2022-2520 It w...

7.7 CVSS, 6.8 AI score, 0.00949 EPSS
Exploits: 5, References: 3

Veracode
added 2022/09/01 1:11 p.m., 22 views

Denial Of Service (DoS)

libtiff.so is vulnerable to denial of service. The vulnerability exists in the TIFFClose function in tiffcrop.c due to an invalid pointer free operation, which allows an attacker to crash the system via a maliciously crafted file...

6.5 CVSS, 6.4 AI score, 0.00949 EPSS
Exploits: 1, References: 8, Affected Software: 4

OSV
added 2022/08/31 6:15 p.m., 2 views

UBUNTU-CVE-2022-38153

An issue was discovered in wolfSSL before 5.5.0 when --enable-session-ticket is used; however, only version 5.3.0 is exploitable. Man-in-the-middle attackers or a malicious server can crash TLS 1.2 clients during a handshake. If an attacker injects a large ticket more than 256 bytes into a...

5.9 CVSS, 5.8 AI score, 0.01736 EPSS
Exploits: 2, References: 6

ATTACKERKB
added 2022/08/31 4:15 p.m., 3 views

CVE-2022-2521

It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tifclose.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input...

6.5 CVSS, 6.8 AI score, 0.00949 EPSS
Exploits: 1, References: 8

OSV
added 2022/08/31 4:15 p.m., 1 views

ALPINE-CVE-2022-2521

It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tifclose.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input...

6.5 CVSS, 6.7 AI score, 0.00949 EPSS
Exploits: 1, References: 1

UbuntuCve
added 2022/08/31 4:15 p.m., 38 views

CVE-2022-2521

It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tifclose.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input...

6.5 CVSS, 6.8 AI score, 0.00949 EPSS
Exploits: 1, References: 4

Cvelist
added 2022/08/31 12:0 a.m., 15 views

CVE-2022-2521

It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tifclose.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input...

6.8 AI score, 0.00949 EPSS
Exploits: 1, References: 3

Debian CVE
added 2022/08/31 12:0 a.m., 32 views

CVE-2022-2521

It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tifclose.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input...

6.5 CVSS, 7.1 AI score, 0.00949 EPSS
Exploits: 1

RedhatCVE
added 2022/08/30 8:15 p.m., 36 views

CVE-2022-2521

It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose at tifclose.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input...

6.5 CVSS, 3.3 AI score, 0.00949 EPSS
Exploits: 1, References: 3

Tenable Nessus
added 2022/07/14 12:0 a.m., 42 views

EulerOS Virtualization 2.10.1 : qemu (EulerOS-SA-2022-2071)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In QEMU 4.1.0, an out-of-bounds read flaw was found in the ATI VGA implementation. It occurs in the aticursordefine routine while...

7.5 CVSS, 6.6 AI score, 0.00526 EPSS
Exploits: 1, References: 14

OpenVAS
added 2022/07/14 12:0 a.m., 21 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2022-2071)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS, 6.6 AI score, 0.00526 EPSS
Exploits: 1, References: 2

Tenable Nessus
added 2022/04/30 12:0 a.m., 39 views

SUSE SLES15 Security Update : libslirp (SUSE-SU-2022:1465-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1465-1 advisory. - An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootpinp...

3.8 CVSS, 6.4 AI score, 0.00326 EPSS
Exploits: 0, References: 11

OSV
added 2022/04/12 5:15 p.m., 2 views

CVE-2022-21168

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure...

5.5 CVSS, 6.1 AI score, 0.00693 EPSS
Exploits: 0, References: 1

NVD
added 2022/04/12 5:15 p.m., 19 views

CVE-2022-21168

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure...

5.5 CVSS, 0.00693 EPSS
Exploits: 0, References: 1

Prion
added 2022/04/12 5:15 p.m., 20 views

Information disclosure

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure...

4.3 CVSS, 5.3 AI score, 0.00693 EPSS
Exploits: 0, References: 1, Affected Software: 1

Vulnrichment
added 2022/04/12 4:11 p.m., 10 views

CVE-2022-21168 ICSA-22-090-03 Fuji Electric Alpha5

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure...

3.3 CVSS, 6.4 AI score, 0.00693 EPSS
Exploits: 0, References: 1

Cvelist
added 2022/04/12 4:11 p.m., 30 views

CVE-2022-21168 ICSA-22-090-03 Fuji Electric Alpha5

The affected product is vulnerable due to an invalid pointer initialization, which may lead to information disclosure...

3.3 CVSS, 5.5 AI score, 0.00693 EPSS
Exploits: 0, References: 1

Debian CVE
added 2022/03/02 12:0 a.m., 17 views

CVE-2021-3738

In DCE/RPC it is possible to share the handles cookies for resource state between multiple connections via a mechanism called 'association groups'. These handles can reference connections to our sam.ldb database. However while the database was correctly shared, the user credentials state was only...

8.8 CVSS, 7.5 AI score, 0.01843 EPSS
Exploits: 0