Design/Logic Flaw

An issue was discovered in cairo 1.16.0. There is an assertion problem in the function cairoarcindirection in the file cairo-arc.c...

CVE-2019-6461

An issue was discovered in cairo 1.16.0. There is an assertion problem in the function cairoarcindirection in the file cairo-arc.c...

CVE-2019-6455

An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function recmsetelemdestroy in the file rec-mset.c...

CVE-2019-6455

An issue was discovered in GNU Recutils 1.8. There is a double-free problem in the function recmsetelemdestroy in the file rec-mset.c...

CVE-2019-6461

An issue was discovered in cairo 1.16.0. There is an assertion problem in the function cairoarcindirection in the file cairo-arc.c...

CVE-2019-6455

GNU Recutils 1.8 contains a double-free vulnerability in rec_mset_elem_destroy() within rec-mset.c (CVE-2019-6455). The OSV/ CNVD entries confirm the same issue; no exploit details or affected version ranges beyond 1.8 are provided in the connected documents. No patch/version remediation is speci...

CVE-2019-6461

CVE-2019-6461 affects Cairo 1.16.0, with an assertion issue in _cairo_arc_in_direction() inside cairo-arc.c. The connected sources validate the root cause as an assertion failure when drawing arcs with NaN angles, and the affected component is Cairo’s 2D vector graphics library. The advisory cont...

PT-2019-18104

Name of the Vulnerable Software and Affected Versions cairo version 1.16.0 Description An issue was discovered in the function cairo arc in direction in the file cairo-arc.c, which is related to an assertion problem. Recommendations For cairo version 1.16.0, consider restricting access to the cai...

CVE-2018-4208

In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks...

Fedora 29 : ghostscript (2018-81ee973d7c)

This is a security update for CVE-2018-16802. It also fixes a printing problem discovered in one of the previous CVE fixes. NOTE: Please, be advised that there's a separate issue related to printing problems, which is connected to CUPS itself, meaning this update might not completely resolve your...

Fedora 28 : ghostscript (2018-c39ae23dc8)

This is a security fix for CVE-2018-16802. It also fixes a printing problem discovered in one of the previous CVE fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean an...

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2018:3476-1)

This update for MozillaFirefox to 60.2.2ESR fixes the following issues : Security issues fixed : MFSA 2018-24 : CVE-2018-12386: A Type confusion in JavaScript allowed remote code execution bsc1110506 CVE-2018-12387: Array.prototype.push stack pointer vulnerability may have enabled exploits in the...

2018: The year of the data breach tsunami

It’s tough to remember all of the data breaches that happened in 2018. But when you look at the largest and most impactful ones that were reported throughout the year, it paints a grim picture about the state of data security today. The consequences of major companies leaking sensitive data are...

ICA File Can't Be Launched by CDViewer for Specific User

Click the XenDesktop icon on StoreFront, IE11 doesn't invoke CDViewer to get through to XenDesktop. 2. Click the XenDesktop icon on StoreFront, Chrome 46.0 downloads the ICA file, clicking the downloaded ICA file doesn't invoke CDViewer to get through to XenDesktop. Usercan logon to same VDA...

SUSE-SU-2018:4130-1 Security update for ansible

This update for ansible fixes the following issues: Ansible was updated to ansible 2.4.6.0. The full release notes can be found on: https://github.com/ansible/ansible/blob/stable-2.4/CHANGELOG.md Security issues fixed: - CVE-2018-10875: ansible.cfg is read from the current working directory which...

Security update for dpdk (moderate)

This update for dpdk to version 16.11.8 provides the following security fix: - CVE-2018-1059: restrict untrusted guest to misuse virtio to corrupt host application ovs-dpdk memory which could have lead all VM to lose connectivity bsc1089638 and following non-security fixes: - Enable the broadcom...

openSUSE Security Update : dpdk (openSUSE-2018-1484)

This update for dpdk to version 16.11.8 provides the following security fix : - CVE-2018-1059: restrict untrusted guest to misuse virtio to corrupt host application ovs-dpdk memory which could have lead all VM to lose connectivity bsc1089638 and following non-security fixes : - Enable the broadco...

SUSE SLES12 Security Update : dpdk (SUSE-SU-2018:3923-1)

This update for dpdk to version 16.11.8 provides the following security fix : CVE-2018-1059: restrict untrusted guest to misuse virtio to corrupt host application ovs-dpdk memory which could have lead all VM to lose connectivity bsc1089638 and following non-security fixes: Enable the broadcom...

Medium: openssl

Issue Overview: During key agreement in a TLS handshake using a DHE based ciphersuite a malicious server can send a very large prime value to the client. This will cause the client to spend an unreasonably long period of time generating a key for this prime resulting in a hang until the client ha...

CVE-2016-2123

CVE-2016-2123 affects Samba versions 4.0.0–4.5.2, where the routine ndr_pull_dnsp_name contains an integer wrap/overflow flaw in parsing data from the Samba AD ldb database. An attacker who can write to the dnsRecord attribute over LDAP (default: authenticated LDAP users can do so for new DNS obj...