581 matches found
Type confusion
DISPUTED In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and options are mishandled. NOTE: The LuaJIT project owner...
CVE-2019-19391
In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and options are mishandled. NOTE: The LuaJIT project owner states that...
CVE-2019-19391
LuaJIT up to 2.0.5 (used in Moonjit prior to 2.1.2) contains a type-confusion in debug.getinfo that can cause arbitrary memory read/write. Debian LTS advisory DLA-4283-1 notes this CVE-2019-19391 alongside other CVEs and states fixes in luajit 2.1.0~beta3+dfsg-5.3+deb11u1 for Debian 11; the LuaJI...
CVE-2019-19391
In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and options are mishandled. NOTE: The LuaJIT project owner states that...
CVE-2019-19391
In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and options are mishandled. NOTE: The LuaJIT project owner states that...
CVE-2019-19391
In LuaJIT through 2.0.5, as used in Moonjit before 2.1.2 and other products, debug.getinfo has a type confusion issue that leads to arbitrary memory write or read operations, because certain cases involving valid stack levels and options are mishandled. NOTE: The LuaJIT project owner states that...
Linux kernel buffer overflow vulnerability (CNVD-2019-46998)
Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A buffer overflow vulnerability exists in the Linux kernel. The vulnerability arises from a networked system or product performing operations in memory without properl...
USN-4203-2: NSS vulnerability
USN-4203-1 fixed a vulnerability in NSS. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash,...
USN-4203-1: NSS vulnerability
It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code...
Red Hat FreeIPA Buffer Overflow Vulnerability
Red Hat FreeIPA is an integrated security information management solution from Red Hat, Inc. The product mainly for Linux and Unix computer networks to provide identity management, policy management and audit management IPA and other functions. A buffer overflow vulnerability exists in Red Hat...
Ubuntu: Security Advisory (USN-4198-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : DjVuLibre vulnerabilities (USN-4198-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4198-1 advisory. It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a...
USN-4198-1: DjVuLibre vulnerabilities
It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary co...
Buffer Overflow Vulnerability in Multiple Qualcomm Products (CNVD-2020-16070)
The Qualcomm MDM9206 and others are a central processing unit CPU product of Qualcomm Incorporated. A buffer overflow vulnerability exists in QTEE in multiple Qualcomm products. The vulnerability originates when a networked system or product performs an operation in memory without properly...
file buffer overflow vulnerability (CNVD-2020-14286)
file is a set of command-line tools used in Unix-like applications to view file information. A buffer overflow vulnerability exists in cdfreadpropertyinfo in the cdf.c file in file 5.37 and earlier versions, which arises from a networked system or product that performs an operation in memory...
Lute-Tab Buffer Overflow Vulnerability
Lute-Tab is a utility program for editing sound scores. A buffer overflow vulnerability exists in Lute-Tab. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting in incorrect read and write operations bein...
Ubuntu 18.04 LTS : OpenJDK 11 vulnerabilities (USN-4083-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4083-1 advisory. It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing suppressed exceptions in some situations. An attacker...
Schism Tracker Integer Overflow Vulnerability
Schism Tracker is an open source music composition tool. An integer overflow vulnerability exists in Schism Tracker 20190722 and prior versions. The vulnerability stems from a networked system or product performing operations in memory without properly validating data boundaries, resulting in...
Ubuntu: Security Advisory (USN-4080-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4080-1: OpenJDK 8 vulnerabilities
Keegan Ryan discovered that the ECC implementation in OpenJDK was not sufficiently resilient to side-channel attacks. An attacker could possibly use this to expose sensitive information. CVE-2019-2745 It was discovered that OpenJDK did not sufficiently validate serial streams before deserializing...