ALPINE-CVE-2018-10537

An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks...

ALPINE-CVE-2018-10536

An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks...

CVE-2018-10534

The bfdXXbfdcopyprivatebfddatacommon function in peXXigen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of externalIMAGEDEBUGDIRECTORY edd so that the address...

CVE-2018-10534

CVE-2018-10534 is a vulnerability in GNU Binutils’ Binary File Descriptor library (libbfd). The issue arises in the function sequence involving the _bfd_XX_bfd_copy_private_bfd_data_common routine (peXXigen.c) when processing a negative Data Directory size, which enters an unbounded loop and expa...

CVE-2018-10534

The bfdXXbfdcopyprivatebfddatacommon function in peXXigen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of externalIMAGEDEBUGDIRECTORY edd so that the address...

PT-2018-9950 · Wavpack +3 · Wavpack +3

Name of the Vulnerable Software and Affected Versions: WavPack versions 5.1.0 and earlier Description: A issue in the WAV parser component allows writing to memory due to the ParseRiffHeaderConfig function in riff.c not rejecting multiple format chunks. Recommendations: For versions 5.1.0 and...

UBUNTU-CVE-2018-10536

An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks...

UBUNTU-CVE-2018-10537

An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks...

PT-2018-9951 · Wavpack +3 · Wavpack +3

Name of the Vulnerable Software and Affected Versions: WavPack versions 5.1.0 and earlier Description: An issue in the W64 parser component allows writing to memory. This is due to the ParseWave64HeaderConfig function in wave64.c not rejecting multiple format chunks. Recommendations: For versions...

CVE-2018-10536

An issue was discovered in WavPack 5.1.0 and earlier. The WAV parser component contains a vulnerability that allows writing to memory because ParseRiffHeaderConfig in riff.c does not reject multiple format chunks...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1010-1)

This update for the Linux Kernel 3.12.61-5272 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation of...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0999-1)

This update for the Linux Kernel 3.12.61-5277 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation of...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1000-1)

This update for the Linux Kernel 3.12.61-5289 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation of...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1025-1)

This update for the Linux Kernel 3.12.74-606440 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation o...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0992-1)

This update for the Linux Kernel 3.12.74-606451 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation o...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0988-1)

This update for the Linux Kernel 3.12.74-606469 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation o...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:0994-1)

This update for the Linux Kernel 3.12.61-52111 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation of...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1029-1)

This update for the Linux Kernel 3.12.61-52106 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation of...

Foxit Reader ePub Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ePub...

CVE-2016-10442

Technical details for CVE-2016-10442 are not publicly provided in the supplied documents; the entry lists affected Android/Qualcomm components but no exploits or patches are detailed here. Monitor for updates.