Medium: libvirt

Issue Overview: An off-by-one error flaw was found in the udevListInterfacesByStatus function in libvirt when the number of interfaces exceeds the size of the names array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to...

SUSE CVE-2016-3982

Off-by-one error in the bmprle4fread function in pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service out-of-bounds read or write access and crash or possibly execute arbitrary code via a crafted image file, which triggers a heap-based buffer overflow...

CVE-2020-29040

An off-by-one flaw was found in one of the two patches for CVE-2020-27671 XSA-346. This flaw allows malicious x86 HVM and PVH guests to cause host data corruption and data leaks, resulting in a denial of service or potential privilege escalation. The highest threat from this vulnerability is to...

Arbitrary Code Execution

libsane.so is vulnerable to arbitrary code execution. An off-by-one flaw when parsing MpegPs files causes memory corruption leading to an application crash or remote code execution...

Denial Of Service (DoS)

bind is vulnerable to denial of service DoS. The vulnerability exists as an off-by-one flaw was found in the way BIND processed negative responses with large resource record sets RRSets. An attacker able to send recursive queries to a BIND server that is configured as a caching resolver could use...

Heap-based Out-Of-Bounds Write

The kernel-rt packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way IP packets with an Internet Header Length ihl of zero were processed in the skbflowdissect function in the Linux kernel. A remote attacker could use this flaw to trigger an infinit...

Apache Traffic Server < 7.0.0 Multiple Vulnerabilities

Binary data 9788.prm...

Google Chrome < 49.0.2623.108 Multiple Vulnerabilities

Binary data 9204.pasl...

ICU: layout engine glyphStorage off-by-one (OpenJDK 2D, 8067699)

An off-by-one flaw, leading to a buffer overflow, was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could possibly cause the Java Virtual Machine to execute arbitrary code, allowing an untrusted Java application or applet to bypass Java sandbox...

Scientific Linux Security Update : php on SL4.x i386/x86_64 (20120130)

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. It was found that the hashing routine used by PHP arrays was susceptible to predictable hash collisions. If an HTTP POST request to a PHP application contained many parameters whose names map to the same hash...

Scientific Linux Security Update : bind97 on SL5.x i386/x86_64

"The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'deprecatednasllevel.inc'; include'compat.inc'; if...

CentOS Update for bind97 CESA-2011:0845 centos5 x86_64

Check for the Version of bind97 OpenVAS Vulnerability Test CentOS Update for bind97 CESA-2011:0845 centos5 x8664 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

RedHat Update for php RHSA-2012:0071-01

Check for the Version of php OpenVAS Vulnerability Test RedHat Update for php RHSA-2012:0071-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Moderate: Red Hat Security Advisory: php53 and php security update

Updated php53 and php packages that fix several security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detail...

bind97 security update

CentOS Errata and Security Advisory CESA-2011:0845 Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring Syst...

Important: Red Hat Security Advisory: bind security update

Updated bind and bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...