OTFCC 安全漏洞

OTFCC is a C library and utility open sourced by Caryll. It is used to parse and write OpenType font files. OTFCC has a security vulnerability that stems from a segmentation violation located at its /multiarch/memmove-vec-unaligned-erms.S. No detailed vulnerability details are currently available...

CVE-2022-35086

CVE-2022-35086 affects SWFTools, with the issue traced to a segmentation violation in the SWFTools code path via /multiarch/memmove-vec-unaligned-erms.S (commit 772e55a2). The CVE metadata shows a Medium severity (CVSSv3.1 base score 5.5) and a LOCAL attack vector, requiring user interaction for ...

CVE-2022-35101

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memset-vec-unaligned-erms.S...

CVE-2022-35101

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memset-vec-unaligned-erms.S...

Code injection

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memset-vec-unaligned-erms.S...

CVE-2022-35481

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

CVE-2022-35101

SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memset-vec-unaligned-erms.S...

CVE-2022-35481

OTFCC v0.10.4 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S...

PT-2022-22570 · Swftools · Swftools

Name of the Vulnerable Software and Affected Versions: SWFTools affected versions not specified Description: A segmentation violation was discovered in SWFTools via the /multiarch/memset-vec-unaligned-erms.S API endpoint. Recommendations: At the moment, there is no information about a newer versi...

CVE-2022-29017

Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x8664/multiarch/strlen-avx2.S...

CVE-2022-29017

Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x8664/multiarch/strlen-avx2.S...

UBUNTU-CVE-2022-29017

Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x8664/multiarch/strlen-avx2.S...

CVE-2022-29017

Bento4 v1.6.0.0 was discovered to contain a segmentation fault via the component /x8664/multiarch/strlen-avx2.S...

curl security and bug fix update

7.61.1-18 - http: send payload when proxy authentication is done 1918692 - curl: Inferior OCSP verification CVE-2020-8286 - libcurl: FTP wildcard stack overflow CVE-2020-8285 - curl: trusting FTP PASV responses CVE-2020-8284 7.61.1-17 - validate an ssl connection using an intermediate certificate...

MGASA-2021-0053 Updated glibc packages fix security vulnerability

Security fixes: - fix buffer overrun in EUC-KR conversion module bz 2497 CVE-2019-25013 - arm: CVE-2020-6096: Fix multiarch memcpy for negative length BZ 25620 - arm: CVE-2020-6096: fix memcpy and memmove for negative length BZ 25620 - iconv: Fix incorrect UCS4 inner loop bounds BZ 26923...

Ubuntu 12.04 LTS : pam regression (USN-2935-3)

USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging change that prevented upgrades in certain multiarch environments. USN-2935-2 intended to fix the problem but was incomplete for Ubuntu 12.04 LTS. This update fixes the problem in Ubuntu 12.04 LTS. We apologize for the...

USN-2935-3: PAM regression

USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging change that prevented upgrades in certain multiarch environments. USN-2935-2 intended to fix the problem but was incomplete for Ubuntu 12.04 LTS. This update fixes the problem in Ubuntu 12.04 LTS. We apologize for the...

Ubuntu: Security Advisory (USN-2935-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-2935-2 pam regression

USN-2935-1 fixed vulnerabilities in PAM. The updates contained a packaging change that prevented upgrades in certain multiarch environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the PAM pamuserdb module incorrectly us...

Fedora 11 : GraphicsMagick-1.3.7-4.fc11 (2010-0001)

Mon Dec 28 2009 Rex Dieter - 1.3.7-4 - CVE-2009-1882 503017 - Fri Dec 4 2009 Stepan Kasal - 1.3.7-3 - rebuild against perl 5.10.1 - Fri Nov 6 2009 Rex Dieter - 1.3.7-2 - cleanup/uncruftify .spec - Thu Sep 17 2009 Rex Dieter - 1.3.7-1 - GraphicsMagick-1.3.7 - Mon Aug 3 2009 Ville Skytta - 1.3.6-2...