Qualcomm Chipsets 缓冲区错误漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A buffer error vulnerability exists in Qualcomm Chipsets that stems from the UE improperly handling RTP packets when reorganizing NALUs, which could lead to memory corruption...

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in curl

Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in curl. Vulnerability Details CVEID: CVE-2018-1000120 DESCRIPTION: curl is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when handling FTP URLs. By persuading a vict...

EulerOS Virtualization for ARM 64 3.0.1.0 : curl (EulerOS-SA-2019-1540)

According to the versions of the curl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function...

SUSE SLES11 Security Update : curl (SUSE-SU-2018:1323-1)

This update for curl fixes the following issues: curl was updated to version 7.37.0 fate325339 bsc1084137 This update syncs the curl version to the one in SUSE Linux Enterprise 12 and is full binary compatible to the previous version. This update is done to allow other third-party software like '...

SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2018:0769-1)

This update for curl fixes the following issues: Following security issues were fixed : - CVE-2018-1000120: A buffer overflow exists in the FTP URL handling that allowed an attacker to cause a denial of service or possible code execution bsc1084521. - CVE-2018-1000121: A NULL pointer dereference...

[ASA-201803-16] lib32-curl: multiple issues

Arch Linux Security Advisory ASA-201803-16 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : lib32-curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-654 Summary =====...

CVE-2018-1000122

A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage...

Asterisk multiple security vulnerabilities

Multiple format string vulnerabilities, buffer overflow on RTP handling, HTTP interface sessions spoofing, unauthorized SIP calls...

[SA19095] Oreka RTP Handling Denial of Service Vulnerability

TITLE: Oreka RTP Handling Denial of Service Vulnerability SECUNIA ADVISORY ID: SA19095 VERIFY ADVISORY: http://secunia.com/advisories/19095/ CRITICAL: Less critical IMPACT: DoS WHERE: From local network SOFTWARE: Oreka 0.x http://secunia.com/product/8523/ DESCRIPTION: A vulnerability has been...