Intel Processor Diagnostic Tool elevation of privilege vulnerability (CNVD-2018-15597)

Intel Processor Diagnostic Tool IPDT is a processor function diagnostic tool from Intel USA. An elevation of privilege vulnerability exists in Intel IPDT versions prior to 4.1.0.27. A local attacker can exploit this vulnerability to execute arbitrary code...

Intel Smart Sound Tech Vulnerable to Three High-Severity Bugs

Intel issued three fixes for bugs that could allow a local attacker to execute code on Intel Core and Atom processor-based PCs. The vulnerabilities are tied to versions of its own Intel Smart Sound Technology, used to boost audio processing for tasks such as voice commands and interactions with...

Intel ME 6.x/7.x/8.x/9.x/10.x./11.x, SPS 4.0, and TXE 3.0 Cumulative Security Update - US

Lenovo Security Advisory: LEN-17297 Potential Impact: An attacker could load and execute arbitrary code outside the visibility of the user, operating system, and hypervisor/virtualization platform; resulting in exfiltration of secrets, subtle manipulation of system operation, or denial of service...

Updated microcode packages fix security vulnerability

This microcode update provides the first set of fixes for Speculative Store Bypass SSBD, Spectre v4, CVE-2018-3639 and Rogue System Register Read RSRE, Spectre v3a, CVE-2018-3640 for Intel Sandybridge server, Ivy Bridge server, Haswell server, Skylake server, Broadwell server, a few HEDT Core i7/...

CVE-2018-14590

An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4Processor::ProcessFragments in Core/Ap4Processor.cpp...

Wireshark DICOM Parser Infinite Loop Vulnerability

Wireshark formerly known as Ethereal is a set of network packet analysis software developed by the Wireshark team. The function of the software is to intercept network packets and display detailed data for analysis.DICOM dissector is one of the DICOM communication protocol parser. An infinite loo...

CVE-2018-2904

Vulnerability in the Oracle Communications EAGLE LNP Application Processor component of Oracle Communications Applications subcomponent: GUI. The supported version that is affected is 10.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Design/Logic Flaw

Vulnerability in the Oracle Communications EAGLE LNP Application Processor component of Oracle Communications Applications subcomponent: GUI. The supported version that is affected is 10.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2018-2904

Vulnerability in the Oracle Communications EAGLE LNP Application Processor component of Oracle Communications Applications subcomponent: GUI. The supported version that is affected is 10.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2018-2904

CVE-2018-2904 affects Oracle Communications EAGLE LNP Application Processor GUI in Oracle Communications Applications (10.x). The vulnerability allows an unauthenticated attacker with network access over HTTP to read and modify data, with a CVSS v3.0 base score of 6.5 (Impact: Confidentiality and...

ClamAV Integer Overflow Vulnerability

ClamAV Clam AntiVirus is a free and open source antivirus program developed by the ClamAV team. The software is used to detect Trojans, viruses, malware and other malicious threats. An integer overflow vulnerability exists in the 'parsehwp3paragraph' function in the libclamav/hwp.c file in versio...

CPU July 2018

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories...

ALPINE-CVE-2018-0360

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3paragraph in libclamav/hwp.c...

Integer overflow

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3paragraph in libclamav/hwp.c...

CVE-2018-0360

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3paragraph in libclamav/hwp.c...

CVE-2018-0360

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3paragraph in libclamav/hwp.c...

DEBIAN-CVE-2018-0360

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3paragraph in libclamav/hwp.c...

CVE-2018-0360

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3paragraph in libclamav/hwp.c...

CVE-2018-0360

ClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3paragraph in libclamav/hwp.c...

CVE-2018-0360

CVE-2018-0360 : in ClamAV before 0.100.1, an integer overflow in Hangul Word Processor (HWP) parsing causes an infinite loop via the function parsehwp3_paragraph() in libclamav/hwp.c . Affected version range is up to 0.100.0; remediation is to upgrade to 0.100.1 or newer (as documented by multipl...