blit-server (>=0.20.0 <=0.28.3), gridvid (>=0.1.0 <=0.3.0) +7 more potentially affected by CVE-2025-27091 via openh264-sys2 (>=0.1.17 <=0.7.1)

openh264-sys2 CARGO version =0.1.17, =0.20.0, =0.1.0, =0.1.9, =0.1.33, =0.2.0, =0.1.0, =0.4.0, =0.5.5 Source cves: CVE-2025-27091 Source advisory: OSV:RUSTSEC-2025-0008...

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in curl

Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in curl. Vulnerability Details CVEID: CVE-2018-1000120 DESCRIPTION: curl is vulnerable to a heap-based buffer overflow, caused by improper bounds checking when handling FTP URLs. By persuading a vict...

SUSE CVE-2018-1000122

A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage...

NewStart CGSL CORE 5.04 / MAIN 5.04 : curl Multiple Vulnerabilities (NS-SA-2019-0039)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has curl packages installed that are affected by multiple vulnerabilities: - curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl...

EulerOS Virtualization for ARM 64 3.0.1.0 : curl (EulerOS-SA-2019-1540)

According to the versions of the curl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function...

RHEL 7 : curl and nss-pem (RHSA-2018:3157)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3157 advisory. The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTT...

SUSE SLES11 Security Update : curl (SUSE-SU-2018:1323-1)

This update for curl fixes the following issues: curl was updated to version 7.37.0 fate325339 bsc1084137 This update syncs the curl version to the one in SUSE Linux Enterprise 12 and is full binary compatible to the previous version. This update is done to allow other third-party software like '...

Security fix for the ALT Linux 8 package curl version 7.59.0-alt1

March 31, 2018 Anton Farygin 7.59.0-alt1 - new version - fixes: CVE-2018-1000120 FTP path trickery leads to NIL byte out of bounds write CVE-2018-1000121 LDAP NULL pointer dereference CVE-2018-1000122 RTSP RTP buffer over-read...

SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2018:0769-1)

This update for curl fixes the following issues: Following security issues were fixed : - CVE-2018-1000120: A buffer overflow exists in the FTP URL handling that allowed an attacker to cause a denial of service or possible code execution bsc1084521. - CVE-2018-1000121: A NULL pointer dereference...

[ASA-201803-16] lib32-curl: multiple issues

Arch Linux Security Advisory ASA-201803-16 ========================================== Severity: Medium Date : 2018-03-19 CVE-ID : CVE-2018-1000120 CVE-2018-1000121 CVE-2018-1000122 Package : lib32-curl Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-654 Summary =====...

Haxx curl heap buffer overflow vulnerability

Haxx curl is a set of file transfer tools from the Swedish company Haxx that work on the command line using URL syntax, the tool supports file uploads and downloads, and includes a libcurl client-side URL transfer library for program development. A heap buffer overflow vulnerability exists in the...

Feng多个远程溢出及拒绝服务漏洞

BUGTRAQ ID: 27049 Feng是意大利Politecnico di Torino大学所开发的开源RTSP/RTP流媒体服务器。 Feng的实现上存在多个缓冲区溢出漏洞，远程攻击者可能利用此漏洞控制用户系统。 --------------------------------------------------- A RTSPvalidresponsemsg中缓冲区溢出（1） ---------------------------------------------------...

Multiple vulnerabilities in libnemesi 0.6.4-rc1

Luigi Auriemma Application: libnemesi http://live.polito.it/documentation/libnemesi Versions: = 0.6.4-rc1 Platforms: nix Bugs: A buffer-overflow in handlertsppkt B buffer-overflow in the sendrequest functions C buffer-overflow in gettransportstr Exploitation: remote Date: 27 Dec 2007 Author: Luig...

Multiple vulnerabilities in Feng 0.1.15

Luigi Auriemma Application: Feng http://live.polito.it/documentation/feng Versions: = 0.1.15 Platforms: nix Bugs: A first buffer-overflow in RTSPvalidresponsemsg B second buffer-overflow in RTSPvalidresponsemsg C crash in RTSPremovemsg D NULL pointer in parsetransportheader E NULL pointer in...