UBUNTU-CVE-2018-3839

An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to...

CVE-2018-3838

An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a specially crafted image t...

kernel: memory leak when merging buffers in SCSI IO vectors

It was found that in the Linux kernel through v4.14-rc5, biomapuseriov and biounmapuser in 'block/bio.c' do unbalanced pages refcounting if IO vector has small consecutive buffers belonging to the same page. bioaddpcpage merges them into one, but the page reference is never dropped, causing a...

tcpdump: Buffer over-read in print-l2tp.c, several functions in L2TP parser

The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions...

tcpdump: Buffer over-read in print-lldp.c:lldp_private_8023_print() in LLDP parser

The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldpprivate8023print...

tcpdump: Buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print() in LLDP parser

The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldpmgmtaddrtlvprint...

PT-2018-16232 · Simple Directmedia Layer +1 · Sdl2 Image +1

Name of the Vulnerable Software and Affected Versions: Simple DirectMedia Layer SDL2 image version 2.0.2 Description: An issue exists in the XCF image rendering functionality, where a specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. Thi...

McAfee Network Security Management Man-in-the-Middle Attack Vulnerability

McAfee Network Security Management NSM is a suite of network security solutions from McAfee that enables real-time monitoring of deployed McAfee intrusion prevention systems across the network. A security vulnerability exists in the SSL implementation of the servers in McAfee NSM. An attacker cou...

Cisco IOS XE Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities (cisco-sa-20180328-lldp)

According to its self-reported version, the IOS XE is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information. TRUSTED...

Cisco IOS Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities (cisco-sa-20180328-lldp)

According to its self-reported version, the IOS is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information. TRUSTED...

Cisco IOS XR Software Link Layer Discovery Protocol Buffer Overflow Vulnerabilities (cisco-sa-20180328-lldp)

According to its self-reported version, the IOS XR is affected by one or more vulnerabilities. Please see the included Cisco BIDs and the Cisco Security Advisory for more information. TRUSTED...

Update to add support for TLS 1.1 and TLS 1.2 in Windows Server 2008 SP2, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009

Update to add support for TLS 1.1 and TLS 1.2 in Windows Server 2008 SP2, Windows Embedded POSReady 2009, and Windows Embedded Standard 2009 Summary An update is available to add support for TLS 1.1 and TLS 1.2 in Windows Server 2008 Service Pack 2 SP2, Windows Embedded POSReady 2009, and Windows...

Input validation

Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice until he tries to...

CVE-2018-9115

Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice until he tries to...

CVE-2018-9115

Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice until he tries to...

CVE-2018-9115

Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice until he tries to...

CVE-2018-9115

Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice until he tries to...

[SECURITY] Fedora 27 Update: libuv-1.19.2-1.fc27

libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all plat form differences in this library...

Cisco IOS/IOS XE/IOS XR Software Link Layer Discovery Protocol Subsystem Buffer Overflow Vulnerability

Cisco IOS Software, IOS XE Software, and IOS XR Software are operating systems developed by Cisco for its network devices.The Link Layer Discovery Protocol LLDP subsystem is one of these link layer discovery protocol subsystems. . A buffer overflow vulnerability exists in the LLDP subsystem in...

UBUNTU-CVE-2018-6249

NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges...