An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd) as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character.

...

Cisco StarOS IPv6 Denial of Service Vulnerability

A vulnerability in the IPv6 implementation of Cisco StarOS could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to insufficient validation of incoming IPv6 traffic. An attacker could exploit this vulnerability b...

CVE-2020-16269

radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parsetypedef in typedwarf.c via a malformed DWATname in the .debuginfo section...

CVE-2020-16269

radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parsetypedef in typedwarf.c via a malformed DWATname in the .debuginfo section...

CVE-2020-16269

radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parsetypedef in typedwarf.c via a malformed DWATname in the .debuginfo section...

CVE-2020-16269

radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parsetypedef in typedwarf.c via a malformed DWATname in the .debuginfo section...

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

grub2 heap buffer overflow vulnerability (CNVD-2020-45111)

GRUB2 is a bootloader. A heap buffer overflow vulnerability exists in the readsectionasstring function in grub2 versions prior to 2.06. An attacker can exploit this vulnerability to cause an arithmetic overflow and zero-size allocation via a malicious font file with the name UINT32MAX, which can...

ALPINE-CVE-2020-14310

There is an issue on grub2 before version 2.06 at function readsectionasstring. It expects a font name to be at max UINT32MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a...

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

grub2: Integer overflow read_section_as_string may lead to heap-based buffer overflow

A flaw was found in grub2. An expected font value is not verified before proceeding with buffer allocations allowing an attacker to use a malicious font file to create an arithmetic overflow, zero-sized allocation, and further heap-based buffer overflow. The highest threat from this vulnerability...

UBUNTU-CVE-2020-14310

There is an issue on grub2 before version 2.06 at function readsectionasstring. It expects a font name to be at max UINT32MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a...

PT-2020-3622 · Gnu +7 · Grub2 +7

Name of the Vulnerable Software and Affected Versions: grub2 versions prior to 2.06 Description: The issue is related to the read section as string function, which expects a font name to be at most UINT32 MAX - 1 length in bytes but does not verify it before proceeding with buffer allocation. Thi...

Low: Red Hat Security Advisory: OpenShift Container Platform 4.4.14 ose-cluster-machine-approver-container security update

An update for ose-cluster-machine-approver-container is now available for Red Hat OpenShift Container Platform 4.4. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Important: Red Hat Security Advisory: Red Hat build of Thorntail 2.7.0 security and bug fix update

An update is now available for Red Hat build of Thorntail. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more...

CVE-2020-13932

In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and th...

CVE-2020-13932

In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and th...

Cross site scripting

In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and th...

openSUSE Security Update : singularity (openSUSE-2020-1011)

This update for singularity fixes the following issues : - New version 3.6.0. This version introduces a new signature format for SIF images, and changes to the signing / verification code to address the following security problems : - CVE-2020-13845, boo1174150 In Singularity 3.x versions below...