Lucene search
+L

81 matches found

OSV
OSV
added 2018/08/10 1:23 p.m.6 views

SUSE-SU-2018:2302-1 Security update for glibc

This update for glibc fixes the following issues: Security issue fixed: - CVE-2018-11236: Fix 32bit arch integer overflow in stdlib/canonicalize.c when processing very long pathname arguments bsc1094161. Bug fixes: - bsc1086690: Fix crash in resolver on memory allocation failure. - bsc1077763: Fi...

9.8CVSS9.5AI score0.074EPSS
Exploits0References6
OSV
OSV
added 2018/04/03 9:13 a.m.12 views

SUSE-SU-2018:0857-1 Security update for ImageMagick

This update for ImageMagick fixes several issues. These security issues were fixed: - CVE-2018-8804: The WriteEPTImage function allowed remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact via a crafted file bsc1086011. -...

9.8CVSS8.5AI score0.14512EPSS
Exploits9References35
OSV
OSV
added 2018/03/16 3:32 p.m.7 views

SUSE-SU-2018:0722-1 Security update for libid3tag

This update for libid3tag fixes the following issues: - CVE-2004-2779 CVE-2017-11551: Fixed id3utf16deserialize in utf16.c, which previously misparsed ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until OOM leading to DoS. bsc1081959...

7.5CVSS6.3AI score0.07267EPSS
Exploits2References9
OSV
OSV
added 2017/12/21 6:18 p.m.18 views

MGASA-2017-0460 Updated java-1.8.0-openjdk packages fix security vulnerabilities

Multiple flaws were discovered in the RMI and Hotspot components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions. CVE-2017-10285, CVE-2017-10346 It was discovered that the Kerberos client implementation in the Libraries...

9.6CVSS7.7AI score0.16181EPSS
Exploits2References4
OSV
OSV
added 2017/06/19 8:39 a.m.3 views

SUSE-SU-2017:1603-1 Security update for netpbm

This update for netpbm fixes the following issues: Security bugs: CVE-2017-2586: A NULL pointer dereference in stringToUint function could lead to a denial of service abort problem when processing malformed images. bsc1024292 CVE-2017-2581: A out-of-bounds write in writeRasterPbm could be used by...

7.8CVSS7.6AI score0.01291EPSS
Exploits0References7
OSV
OSV
added 2017/02/20 1:0 p.m.3 views

MGASA-2017-0058 Updated netpbm packages fix security vulnerability

Version 10.73.07 fixes security vulnerabilities: Out-of-bounds write in writeRasterPbm CVE-2017-2581 Out-of-bounds read in expandCodeOntoStack CVE-2017-2579 Out-of-bounds write of heap data in addPixelToRaster CVE-2017-2580 Null pointer dereference in stringToUint CVE-2017-2586 Insufficient size...

7.8CVSS7.6AI score0.01614EPSS
Exploits0References3
OSV
OSV
added 2016/12/13 8:19 a.m.8 views

SUSE-SU-2016:3107-1 Security update for libass

This update for libass fixes the following issues: CVE-2016-7969, CVE-2016-7970, CVE-2016-7971, CVE-2016-7972: Fixed multiple memory allocation issues found by fuzzing bsc1002982...

7.5CVSS7.5AI score0.05186EPSS
Exploits0References6
OSV
OSV
added 2016/11/04 10:24 a.m.13 views

SUSE-SU-2016:2725-1 Security update for xen

This update for xen fixes several issues. These security issues were fixed: - CVE-2016-7094: Buffer overflow in Xen allowed local x86 HVM guest OS administrators on guests running with shadow paging to cause a denial of service via a pagetable update bsc995792 - CVE-2016-7092: The getpagefroml3e...

9.8CVSS8.7AI score0.06336EPSS
Exploits0References47
OSV
OSV
added 2015/12/23 1:20 p.m.8 views

SUSE-SU-2015:2195-1 Security update for gdk-pixbuf

The gdk pixbuf library was updated to fix three security issues. These security issues were fixed: - CVE-2015-7673: Fix some more overflows scaling a gif bsc948791 - CVE-2015-4491: Check for overflow before allocating memory when scaling bsc942801 - CVE-2015-7673: Fix an overflow and DoS when...

6.8CVSS8.5AI score0.084EPSS
Exploits0References7
OSV
OSV
added 2013/06/15 7:55 p.m.7 views

CVE-2013-1992

Multiple integer overflows in X.org libdmx 1.1.2 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 DMXGetScreenAttributes, 2 DMXGetWindowAttributes, and 3 DMXGetInputAttributes functions...

6.6AI score
Exploits0References6
OSV
OSV
added 2013/06/15 7:55 p.m.8 views

CVE-2013-1981

Multiple integer overflows in X.org libX11 1.5.99.901 1.6 RC1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 XQueryFont, 2 XF86BigfontQueryFont, 3 XListFontsWithInfo, 4 XGetMotionEvents, 5 XListHosts, 6...

6.7AI score
Exploits0References6
OSV
OSV
added 2008/10/02 6:18 p.m.8 views

CVE-2008-3520

Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation...

6.3AI score
Exploits0References14
Ubuntu
Ubuntu
added 2004/11/24 4:1 a.m.58 views

USN-31-1: cyrus21-imapd vulnerabilities

Stefan Esser discovered several buffer overflows in the Cyrus IMAP server. Due to insufficient checking within the argument parser of the "partial" and "fetch" commands, an argument like "bodyp" was detected as "body.peek". This could cause a buffer overflow which could be exploited to execute...

10CVSS6.2AI score0.05951EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2004/10/25 12:0 a.m.25 views

GLSA-200410-23 : Gaim: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200410-23 Gaim: Multiple vulnerabilities A possible buffer overflow exists in the code processing MSN SLP messages CAN-2004-0891. memcpy was used without validating the size of the buffer, and an incorrect buffer was used as...

10CVSS6.4AI score0.06862EPSS
Exploits0References3
Gentoo Linux
Gentoo Linux
added 2004/10/24 12:0 a.m.37 views

Gaim: Multiple vulnerabilities

Background Gaim is a full featured instant messaging client which handls a variety of instant messaging protocols. Description A possible buffer overflow exists in the code processing MSN SLP messages CAN-2004-0891. memcpy was used without validating the size of the buffer, and an incorrect buffe...

10CVSS7.6AI score0.06862EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.22 views

Mandrake Linux Security Advisory : file (MDKSA-2003:030-1)

A memory allocation problem in file was found by Jeff Johnson, and a stack overflow corruption problem was found by David Endler. These problems have been corrected in file version 3.41 and likely affect all previous version. These problems pose a security threat as they can be used to execute...

4.6CVSS6.4AI score0.01982EPSS
Exploits1References2
securityvulns
securityvulns
added 2003/11/10 12:0 a.m.41 views

OpenLinux: Multiple vulnerabilities have reported in Ethereal 0.9.12

To: [email protected] [email protected] [email protected] [email protected] -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: OpenLinux: Multiple vulnerabilities have reported in Ethereal 0.9.12 Advisory number:...

10CVSS0.6AI score0.04754EPSS
Exploits0
NVD
NVD
added 2003/09/22 4:0 a.m.19 views

CVE-2003-0778

saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service memory consumption...

5CVSS6.4AI score0.01774EPSS
Exploits1References8
RedHat Linux
RedHat Linux
added 2002/06/06 6:53 a.m.10 views

Moderate: Red Hat Security Advisory: : Updated ethereal packages are available

Updated ethereal packages are available which fix several security problems. Ethereal is a package designed for monitoring network traffic on your system. Several security issues have been found in Ethereal: Due to improper string and error handling in Ethereal's ASN.1 parser, it is possible for ...

10CVSS6.5AI score0.51126EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2002/05/03 12:0 a.m.20 views

PT-2002-1419 · Ethereal · Ethereal

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.2 and earlier Description: The issue is related to the ASN.1 parser, which can be exploited by remote attackers to cause a denial of service crash via a certain malformed packet. This occurs because Ethereal allocates...

5CVSS7.3AI score0.02734EPSS
Exploits0References7
Rows per page
Query Builder