[SECURITY] [DLA 2031-1] freeimage security update
Package : freeimage Version : 3.15.4-4.2+deb8u2 CVE ID : CVE-2019-12211 CVE-2019-12213 Debian Bug : 929597 It was found that freeimage, a graphics library, was affected by the following two security issues: CVE-2019-12211 Heap buffer overflow caused by invalid memcpy in PluginTIFF. This flaw migh...
SQLite Infinite Recursion Vulnerability
SQLite is a self-contained, serverless, zero-configuration, transactional SQL database engine. An infinite recursion vulnerability exists in alter.c in SQLite 3.30.1 and earlier versions, which can be exploited by an attacker to trigger infinite recursion via certain types of self-referencing vie...
AZL-39010 CVE-2019-19645 affecting package ceph for versions less than 18.2.1-1
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements...
CVE-2019-19645
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements...
DEBIAN-CVE-2019-19645
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements...
Design/Logic Flaw
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements...
UBUNTU-CVE-2019-19645
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements...
CVE-2019-19645
CVE-2019-19645 affects SQLite. Vulnerable component: alter.c in SQLite up to version 3.30.1. Description: attackers can trigger infinite recursion through certain self-referential views when used with ALTER TABLE statements. Impact stated as infinite recursion, implying potential crash/denial of ...
Denial Of Service (DoS)
bittorrent-dht is vulnerable to denial of service (DoS) attacks. The vulnerability exists because it does not restrict execution to one ping at a time, leading to an infinite async ping recursion and an application crash when a malicious user sends a large number of pings simultaneously without disregarding...
EulerOS 2.0 SP5 : libxkbcommon (EulerOS-SA-2019-2540)
According to the versions of the libxkbcommon packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An invalid free in ExprAppendMultiKeysymList in xkbcomp/ast-build.c in xkbcommon before 0.8.1 could be used by local attackers to crash...
EulerOS 2.0 SP5 : screen (EulerOS-SA-2019-2548)
According to the version of the screen package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The MScrollV function in ansi.c in GNU screen 4.3.1 and earlier does not properly limit recursion, which allows remote attackers to cause a denial o...
EulerOS 2.0 SP2 : qpdf (EulerOS-SA-2019-2465)
According to the version of the qpdf package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral in QPDFTokenizer.cc, related ...
Updated djvulibre packages fix security vulnerabilities
The updated packages fix security vulnerabilities: In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read by crafting a DJVU file...
MGASA-2019-0346 Updated djvulibre packages fix security vulnerabilities
The updated packages fix security vulnerabilities: In DjVuLibre 3.5.27, DjVmDir.cpp in the DJVU reader component allows attackers to cause a denial-of-service application crash in GStringRep::strdup in libdjvu/GString.cpp caused by a heap-based buffer over-read by crafting a DJVU file...
CVE-2019-18854
A Denial Of Service vulnerability exists in the safe-svg aka Safe SVG plugin through 1.9.4 for WordPress, related to unlimited recursion for a '' substring...