MGASA-2019-0054 Updated zeromq packages fix security vulnerability

CVE-2019-6250: fix a remote execution vulnerability due to pointer arithmetic overflow...

Updated zeromq packages fix security vulnerability

CVE-2019-6250: fix a remote execution vulnerability due to pointer arithmetic overflow...

openSUSE Security Update : zeromq (openSUSE-2019-87)

This update for zeromq fixes the following issues : Security issue fixed : - CVE-2019-6250: fix a remote execution vulnerability due to pointer arithmetic overflow bsc1121717 The following tracked packaging change is included : - boo1082318: correctly mark license files as licence instead of...

openSUSE: Security Advisory for zeromq (openSUSE-SU-2019:0087-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE-SU-2019:0110-1 Security update for zeromq

This update for zeromq fixes the following issues: Security issue fixed: - CVE-2019-6250: fix a remote execution vulnerability due to pointer arithmetic overflow bsc1121717...

Security update for zeromq (important)

openSUSE Security Update: Security update for zeromq Announcement ID: openSUSE-SU-2019:0064-1 Rating: important References: 1121717 Cross-References: CVE-2019-6250 Affected Products: openSUSE Leap 42.3 An update that fixes one vulnerability is now available. Description: This update for zeromq...

Arbitrary Code Execution

kernel is vulnerable to arbitrary code execution attacks. The vulnerability exists as the NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lack certain checks for the end of a buffer, which allows remote attackers to trigger pointer-arithmetic errors or possibly have...

Arbitrary Code Execution

java-1.7.1-ibm is vulnerable to arbitrary code execution attacks. The vulnerability exists as inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic...

Debian DLA-1587-1 : pixman security update

CVE-2015-5297 Numerical overflow in pointer arithmetic. For Debian 8 'Jessie', this problem has been fixed in version 0.32.6-3+deb8u1. We recommend that you upgrade your pixman packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security...

Debian: Security Advisory (DLA-1587-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2016-7069

An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding the response to th...

CVE-2016-7069

An issue has been found in dnsdist before 1.2.0 in the way EDNS0 OPT records are handled when parsing responses from a backend. When dnsdist is configured to add EDNS Client Subnet to a query, the response may contain an EDNS0 OPT record that has to be removed before forwarding the response to th...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Systems Director Platform Agent

Summary There are multiple vulnerabilities in OpenSSL that is used by IBM Systems DirectorISD Platform Agent. These OpenSSL vulnerabilities were disclosed in September 2016 and October 2016 by the OpenSSL Project. Vulnerability Details CVEID: CVE-2016-2182 DESCRIPTION: OpenSSL is vulnerable to a...

Security Bulletin: Open Source zlib Vulnerabilities in IBM eDiscovery Manager

Summary zlib is vulnerable to a denial of service, caused by an out-of-bounds pointer arithmetic in inftrees.c. By persuading a victim to open a specially crafted document, a remote attacker could exploit this vulnerability to cause a denial of service. Vulnerability Details CVEID: CVE-2016-9840...

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Tealeaf Customer Experience

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Tealeaf Customer Experience. IBM Tealeaf Customer Experience has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6304 DESCRIPTION: OpenSSL is vulnerable ...

Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Image Construction and Composition Tool.

Summary OpenSSL vulnerabilities were disclosed on September 22 and 26, 2016 by the OpenSSL Project. OpenSSL is used by IBM Image Construction and Composition Tool. IBM Image Construction and Composition Tool has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-6302 DESCRIPTION...

Out-of-bounds

An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file wi...

CVE-2016-8390

CVE-2016-8390 concerns Hopper Disassembler 3.11.20, where the ELF Section Headers parsing has an out-of-bounds write due to attacker-controlled data in the section header table. Multiple connected sources describe a vulnerability in ELF parsing that can cause memory corruption via a crafted ELF f...

openSUSE Security Update : openssl-steam (openSUSE-2018-168)

This update for openssl-steam fixes the following issues : - Merged changes from upstream openssl Factory rev 137 into this fork for Steam. Updated to openssl 1.0.2k : - CVE-2016-7055: Montgomery multiplication may produce incorrect results boo1009528 - CVE-2016-7056: ECSDA P-256 timing attack ke...

DEBIAN-CVE-2017-17854

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service integer overflow and memory corruption or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic...