136 matches found

Apple
added 2019/09/11 9:20 a.m., 49 views

About the security content of iOS 12.1.3 - Apple Support

About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. Apple security documents reference...

CVSS 10, AI score 1.1, EPSS 0.28548
Exploits 22, Affected Software 1
OpenVAS
added 2019/08/20 12:0 a.m., 30 views

VLC Media Player Multiple Vulnerabilities (sb-vlc308) - Mac OS X

VLC Media Player is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:videolan:vlcmediaplayer";...

CVSS 9.8, AI score 8.8, EPSS 0.0357
Exploits 1, References 1
OSV
added 2019/04/17 1:29 p.m., 8 views

OPENSUSE-SU-2019:1223-1 Security update for SDL

This update for SDL fixes the following issues: Security issues fixed: - CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c (bsc#1124806). - CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099). - CVE-2019-7576: Fixed heap-based...

CVSS 8.8, AI score 8.7, EPSS 0.03299
Exploits 11, References 23
OSV
added 2019/04/15 9:56 a.m., 6 views

SUSE-SU-2019:0950-1 Security update for SDL2

This update for SDL2 fixes the following issues: Security issues fixed: - CVE-2019-7572: Fixed a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c (bsc#1124806). - CVE-2019-7578: Fixed a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c (bsc#1125099). - CVE-2019-7576: Fixed heap-based...

CVSS 8.8, AI score 8.7, EPSS 0.03299
Exploits 11, References 23
RedHat Linux
added 2019/01/15 9:23 a.m., 13 views

libvncserver: Heap out-of-bounds write in rfbserver.c in rfbProcessFileTransferReadBuffer() allows for potential code execution

LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution...

CVSS 9.8, AI score 6.4, EPSS 0.15089
Exploits 0, References 5
Tenable Nessus
added 2018/11/05 12:0 a.m., 30 views

Debian DSA-4331-1 : curl - security update

Two vulnerabilities were discovered in cURL, an URL transfer library. - CVE-2018-16839 Harry Sintonen discovered that, on systems with a 32 bit size_t, an integer overflow would be triggered when a SASL user name longer than 2GB is used. This would in turn cause a very small buffer to be allocated...

CVSS 9.8, AI score 7.2, EPSS 0.0583
Exploits 0, References 7
Debian
added 2018/11/02 8:16 p.m., 572 views

[SECURITY] [DSA 4331-1] curl security update

Debian Security Advisory DSA-4331-1 [email protected] https://www.debian.org/security/ Alessandro Ghedini November 02, 2018 https://www.debian.org/security/faq...

CVSS 9.8, AI score 9.2, EPSS 0.0583
Exploits 0
OSV
added 2018/09/03 7:29 p.m., 6 views

CVE-2018-16412

ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function...

CVSS 8.8, AI score 8.7
Exploits 0, References 7
OSV
added 2018/08/15 6:29 p.m., 5 views

CVE-2018-14780

An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function ykpivfetchobject: % highlight c % ifsw == SWSUCCESS sizet outlen; int offs = ykpivgetlengthdata + 1, &outlen; ifoffs == 0 return YKPIVSIZEERROR;...

CVSS 4.6, AI score 6.6
Exploits 0, References 4
FreeBSD
added 2018/07/11 12:0 a.m., 43 views

curl -- SMTP send heap buffer overflow

Peter Wu reports: curl might overflow a heap based memory buffer when sending data over SMTP and using a reduced read buffer...

CVSS 9.8, AI score 0.4, EPSS 0.06433
Exploits 1, References 1
Mageia
added 2018/02/28 1:55 p.m., 40 views

Updated ioquake3 packages fix security vulnerability

It was discovered that ioquake3 contained a read buffer overflow that allows remote attackers to cause a denial of service (CVE-2017-11721)...

CVSS 9.8, AI score 5.6, EPSS 0.02517
Exploits 1, References 2
RedHat Linux
added 2017/03/07 7:5 p.m., 2 views

tomcat: Usage of vulnerable FileUpload package can result in denial of service

A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer (4096 bytes) used to read the uploaded file if the boundary was the typical tens of bytes long...

CVSS 7.8, AI score 7.4, EPSS 0.35927
Exploits 0, References 6
OSV
added 2017/02/26 10:2 p.m., 8 views

MGASA-2017-0066 Updated libevent packages fix security vulnerability

The DNS code of Libevent contains an OOB read which can trigger a crash (CVE-2016-10197). The libevent evutil_parse_sockaddr_port contains a buffer overflow which can cause a segmentation fault (CVE-2016-10196). The name_parse function in libevent's DNS code is vulnerable to a buffer overread CVE-2016-1019...

CVSS 9.8, AI score 8.5, EPSS 0.06681
Exploits 3, References 4
FreeBSD
added 2017/01/21 12:0 a.m., 24 views

wavpack -- multiple invalid memory reads

David Bryant reports: global buffer overread in read_code / read_words.c; heap out of bounds read in WriteCaffHeader / caff.c; heap out of bounds read in unreorder_channels / wvunpack.c; heap oob read in read_new_config_info / open_utils.c...

CVSS 5.5, AI score 6.1, EPSS 0.02123
Exploits 4, References 2
RedHat Linux
added 2016/11/17 8:33 p.m., 5 views

tomcat: Usage of vulnerable FileUpload package can result in denial of service

A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer (4096 bytes) used to read the uploaded file if the boundary was the typical tens of bytes long...

CVSS 7.8, AI score 7.4, EPSS 0.35927
Exploits 0, References 6
RedHat Linux
added 2016/10/17 6:45 p.m., 6 views

tomcat: Usage of vulnerable FileUpload package can result in denial of service

A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer (4096 bytes) used to read the uploaded file if the boundary was the typical tens of bytes long...

CVSS 7.8, AI score 7.4, EPSS 0.35927
Exploits 0, References 6
RedHat Linux
added 2016/10/17 6:14 p.m., 4 views

tomcat: Usage of vulnerable FileUpload package can result in denial of service

A denial of service vulnerability was identified in Commons FileUpload that occurred when the length of the multipart boundary was just below the size of the buffer (4096 bytes) used to read the uploaded file if the boundary was the typical tens of bytes long...

CVSS 7.8, AI score 7.4, EPSS 0.35927
Exploits 0, References 6
OpenVAS
added 2015/04/06 12:0 a.m., 30 views

Debian Security Advisory DSA 3215-1 (libgd2 - security update)

Multiple vulnerabilities were discovered in libgd2, a graphics library: CVE-2014-2497 The gdImageCreateFromXpm function would try to dereference a NULL pointer when reading an XPM file with a special color table. This could allow remote attackers to cause a denial of service crash via crafted XPM...

CVSS 5, AI score 8.3, EPSS 0.22319
Exploits 4, References 1
ArchLinux
added 2015/03/05 12:0 a.m., 22 views

grep: denial of service

The bmexec_trans function in kwset.c allows local users to cause a denial of service (out-of-bounds heap read and crash) via crafted input when using the -F option. grep's read buffer is often filled to its full size, except when reading the final buffer of a file. In that case, the number of bytes...

CVSS 2.1, AI score 8.7, EPSS 0.00486
Exploits 1, References 3
Tenable Nessus
added 2013/04/20 12:0 a.m., 38 views

Mandriva Linux Security Advisory : libarchive (MDVSA-2013:147)

A vulnerability has been found and corrected in libarchive: Fabian Yamaguchi reported a read buffer overflow flaw in libarchive on 64-bit systems where sizeof(size_t) is equal to 8. In the archive_write_zip_data function in libarchive/archive_write_set_format_zip.c, the 's' parameter is of type size_t 64...

CVSS 5, AI score 7.2, EPSS 0.03926
Exploits 0, References 1