DEBIAN-CVE-2018-18197

An issue was discovered in libgig 4.1.0. There is an operator new failure due to a big pSampleLoops heap request in DLS::Sampler::Sampler in DLS.cpp...

CVE-2018-18195

An issue was discovered in libgig 4.1.0. There is an FPE divide-by-zero error in DLS::Sample::Sample in DLS.cpp...

UBUNTU-CVE-2018-18195

An issue was discovered in libgig 4.1.0. There is an FPE divide-by-zero error in DLS::Sample::Sample in DLS.cpp...

Design/Logic Flaw

An issue was discovered in libgig 4.1.0. There is an FPE divide-by-zero error in DLS::Sample::Sample in DLS.cpp...

CVE-2018-18195

CVE-2018-18195 concerns libgig 4.1.0, where an FPE (divide-by-zero) occurs in DLS::Sample::Sample within DLS.cpp. The available sources consistently describe a fault in the Sample object construction that can trigger a division-by-zero condition. The materials do not specify affected platforms be...

CVE-2018-18195

An issue was discovered in libgig 4.1.0. There is an FPE divide-by-zero error in DLS::Sample::Sample in DLS.cpp...

CVE-2018-12169

Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypas...

Singularity - A DNS Rebinding Attack Framework

Singularity of Origin is a tool to perform DNS rebinding attacks. It includes the necessary components to rebind the IP address of the attack server DNS name to the target machine's IP address and to serve attack payloads to exploit vulnerable software on the target machine. It also ships with...

@atlauncher/atlauncher-scripts (>=0.1.0-18 <=0.1.0-19), @atomist/sample-sdm (>=0.5.1-atomist-update-latest-1540938130032.20181101043939 <=0.5.1-master.20181101044648) +415 more potentially affected by CVE-2018-16487 +1 more via lodash.merge (>=4.0.1 <=4.6.1)

lodash.merge NPM version =4.0.1, =0.1.0-18, =0.5.1-atomist-update-latest-1540938130032.20181101043939, =5.3.8, =3.1.0, =5.0.0, =5.2.7, =5.2.8, =6.1.1, =5.0.0, =5.0.0, =5.2.8, =5.1.1, =0.1.3, =6.2.6, =6.3.3 and more Source cves: CVE-2018-16487, CVE-2018-3721 Source advisory:...

This Week in Security News: Facebook and Feds

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Facebook’s chief security officer resigned as Facebook steps up its cybersecurity efforts. Also, Feds indicted three Ukrainians charged with...

Bento4 Buffer Overflow Vulnerability (CNVD-2019-07062)

Bento4 is an open source C++ library for reading and writing MP4 files. A buffer overflow vulnerability exists in the 'AP4Mpeg2TsAudioSampleStream::WriteSample' function in the Core/Ap4Mpeg2Ts.cpp file in Bento4 version 1.5.1-624, which can be exploited by an attacker to can be exploited to cause...

UBUNTU-CVE-2018-14544

There exists one invalid memory read bug in AP4SampleDescription::GetFormat in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts...

Bento4 Invalid Memory Read Vulnerability

Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. An invalid memory read vulnerability exists in AP4SampleDescription::GetType in Ap4SampleDescription.h in Bento4 1.5.1-624, which can be exploited by an attacker to cause a denial of service via specially crafted mp4...

Libgig Out-of-Bounds Read Vulnerability

libgig is a C++ library for loading, modifying existing and creating new Gigasampler .gig files and DLS downloadable sound level 1/2 files, KORG sample-based instruments .KSF and .KMP files, SoundFont v2 .sf2 files and AKAI sampler data. An out-of-bounds read vulnerability exists in the store32...

Bento4 Invalid Memory Read Vulnerability (CNVD-2019-05129)

Bento4 is a C++ class library and tool for reading and writing ISO-MP4 files. An invalid memory read vulnerability exists in AP4SampleDescription::GetFormat in Ap4SampleDescription.h in Bento4 1.5.1-624, which can be exploited by an attacker to cause a denial of service via specially crafted mp4...

Security update for libopenmpt (moderate)

This update for libopenmpt to version 0.3.9 fixes the following issues: These security issues were fixed: - CVE-2018-11710: Prevent write near address 0 in out-of-memory situations when reading AMS files bsc1095644 - CVE-2018-10017: Preven out-of-bounds memory read with IT/ITP/MO3 files containin...

Jumpstart your Microsoft Graph Security API integration with the new JavaScript sample app

The Microsoft Graph Security API, which launched this spring, is a unified REST API for integrating data and intelligence from Microsoft products, services, and partners. Using Microsoft Graph, developers can easily build applications that consolidate and correlate security alerts from multiple...

CVE-2017-5704

Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges...

CVE-2017-5704

Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges...

CVE-2018-13848

An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp...