Lucene search
K

660 matches found

Tenable Nessus
Tenable Nessus
added 2019/07/22 12:0 a.m.19 views

openSUSE Security Update : clementine (openSUSE-2019-1780)

This update for clementine fixes the following issues : - CVE-2018-14332: Fixed a NULL ptr dereference crash in the moodbar pipeline boo1103041 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2019-1780...

5.5CVSS5.6AI score0.00553EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2019/07/21 12:0 a.m.151 views

Security update for clementine (moderate)

openSUSE Security Update: Security update for clementine Announcement ID: openSUSE-SU-2019:1780-1 Rating: moderate References: 1103041 Cross-References: CVE-2018-14332 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 openSUSE Backports SLE-15 An update that fixes one vulnerability is now...

5.5CVSS6AI score0.00553EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/04/04 12:0 a.m.30 views

EulerOS Virtualization 2.5.4 : gd (EulerOS-SA-2019-1250)

According to the version of the gd package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c. NOTE: PHP is...

9.8CVSS7.1AI score0.04416EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/03/28 12:0 a.m.52 views

SUSE SLED15 / SLES15 Security Update : gd (SUSE-SU-2019:0771-1)

This update for gd fixes the following issues : Security issues fixed : CVE-2019-6977: Fixed a heap-based buffer overflow the GD Graphics Library used in the imagecolormatch function bsc1123361. CVE-2019-6978: Fixed a double free in the gdImagePtr functions bsc1123522. Note that Tenable Network...

9.8CVSS7.3AI score0.65116EPSS
Exploits7References7
Mageia
Mageia
added 2019/02/14 8:38 a.m.45 views

Updated libwmf packages fix security vulnerability

The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c. NOTE: PHP is unaffected. CVE-2019-6978...

9.8CVSS2AI score0.04416EPSS
Exploits0References2
OSV
OSV
added 2019/01/28 8:29 a.m.3 views

ALPINE-CVE-2019-6978

The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c. NOTE: PHP is unaffected...

9.8CVSS7.2AI score0.04416EPSS
Exploits0References1
CVE
CVE
added 2019/01/28 7:0 a.m.533 views

CVE-2019-6978

CVE-2019-6978 concerns the GD Graphics Library (LibGD) 2.2.5, which has a double free vulnerability in the gdImage*Ptr() paths (gd_gif_out.c, gd_jpeg.c, gd_wbmp.c). The description notes that PHP is unaffected. The connected advisories confirm this CVE and tie it to libwmf-related updates in mult...

9.8CVSS8.7AI score0.04416EPSS
Exploits0References14Affected Software1
AlpineLinux
AlpineLinux
added 2019/01/28 7:0 a.m.34 views

CVE-2019-6978

The GD Graphics Library aka LibGD 2.2.5 has a double free in the gdImagePtr functions in gdgifout.c, gdjpeg.c, and gdwbmp.c. NOTE: PHP is unaffected...

9.8CVSS9.1AI score0.04416EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2017/12/14 10:10 p.m.4 views

Qemu: exec: oob access during dma operation

Quick Emulator QEMU, compiled with qemumapramptr to access guests' RAM block area, is vulnerable to an OOB r/w access issue. The crash can occur if a privileged user inside a guest conducts certain DMA operations, resulting in a DoS...

4.4CVSS7.2AI score0.00502EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2017/11/10 2:29 a.m.2 views

CVE-2017-12803

The NodeValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service assert fault via a crafted mkv file...

6.5CVSS5.5AI score0.02241EPSS
Exploits0References4
n0where
n0where
added 2017/05/22 4:14 a.m.219 views

High Performance DNS Stub Resolver: MassDNS

A high performance DNS stub resolver in C MassDNS is a simple high-performance DNS stub resolver targetting those who seek to resolve a massive amount of domain names in the order of millions or even billions. Without special configuration, MassDNS is capable of resolving over 100,000,000 domains...

Exploits0References1
Oracle linux
Oracle linux
added 2017/04/12 12:0 a.m.90 views

kernel security, bug fix, and enhancement update

3.10.0-514.16.1.OL7 - Oracle Linux certificates Alexey Petrenko - Oracle Linux RHCK Module Signing Key was compiled into kernel [email protected] - Update x509.genkey bug 24817676 3.10.0-514.16.1 - tty nhdlc: get rid of racy nhdlc.tbuf 'Herton R. Krzesinski' 1429919...

7.8CVSS0.4AI score0.0596EPSS
Exploits21
RedhatCVE
RedhatCVE
added 2017/03/27 2:10 p.m.34 views

CVE-2017-7261

In was found that in the Linux kernel, in vmwsurfacedefineioctl function in 'drivers/gpu/drm/vmwgfx/vmwgfxsurface.c' file, a 'numsizes' parameter is assigned a user-controlled value which is not checked if it is zero. This is used in a call to kmalloc and later leads to dereferencing ZEROSIZEPTR,...

5.5CVSS2.4AI score0.00366EPSS
Exploits0References1
Hacker One
Hacker One
added 2017/03/03 5:12 p.m.15 views

shopify-scripts: mrb_vm_exec - null ptr dereference

Linux Ubuntu Xenial x64 commit ffdf7be7235717fb1cd30e54c24c5383f705f110 Author: Yukihiro "Matz" Matsumoto Date: Thu Mar 2 20:38:16 2017 +0900 Probably related with https://github.com/mruby/mruby/issues/3389 Old PoC 0.instanceeval super New PoC p.instanceeval super 1 ++1 output...

0.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/01/10 12:0 a.m.39 views

openSUSE Security Update : tiff (openSUSE-2017-53)

The tiff library and tools were updated to version 4.0.7 fixing various bug and security issues. - CVE-2014-8127: out-of-bounds read with malformed TIFF image in multiple tools bnc914890 - CVE-2016-9297: tifdirread.c read outside buffer in TIFFPrintField bnc1010161 - CVE-2016-3658: Illegal read i...

7.8CVSS7.2AI score0.06471EPSS
Exploits4References22
Tenable Nessus
Tenable Nessus
added 2016/12/08 12:0 a.m.73 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3648)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-3648 advisory. - mpi: Fix NULL ptr dereference in mpipowm ver 3 Andrey Ryabinin Orabug: 25154096 CVE-2016-8650 CVE-2016-8650 - sctp: validate chunk len before...

10CVSS6.6AI score0.09144EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2016/12/07 12:0 a.m.68 views

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-61.1.22 - ocfs2: fix trans extend while free cached blocks Junxiao Bi Orabug: 25136991 - ocfs2: fix trans extend while flush truncate log Junxiao Bi Orabug: 25136991 - ocfs2: extend enough credits for freeing one truncate record while replaying truncate records Xue jiufei Orabug...

10CVSS0.5AI score0.09144EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2016/12/03 6:59 a.m.27 views

CVE-2016-9804

In BlueZ 5.42, a buffer overflow was observed in "commandsdump" function in "tools/parser/csr.c" source file. The issue exists because "commands" array is overflowed by supplied parameter due to lack of boundary checks on size of the buffer from frame "frm-ptr" parameter. This issue can be...

5.3CVSS7AI score0.02523EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2016/04/12 2:59 p.m.14 views

CVE-2015-8702

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

8.6CVSS7.2AI score0.02282EPSS
Exploits1References3
OSV
OSV
added 2016/04/12 2:59 p.m.3 views

UBUNTU-CVE-2015-8702

The DNS::GetResult function in dns.cpp in InspIRCd before 2.0.19 allows remote DNS servers to cause a denial of service netsplit via an invalid character in a PTR response, as demonstrated by a "\032" whitespace character in a hostname...

8.6CVSS7.3AI score0.02282EPSS
Exploits1References4
Rows per page
Query Builder