CVE-2019-5717

In Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11, the PMUL dissector could crash. This was addressed in epan/dissectors/packet-pmul.c by rejecting the invalid sequence number of zero...

Fedora 29 : python-markdown2 (2018-6a8028084d)

python-markdown2 2.3.6 - pull 282 Add TOC depth option - pull 283 Fix to add TOC html to output via CLI - pull 284 Do not remove anchors in safemode - pull 288 fixing cuddled-lists with a single list item - pull 292 Fix Wrong rendering of last list element - pull 295 link-patterns fix - pull 300...

UBUNTU-CVE-2018-20362

A NULL pointer dereference was discovered in ifilterbank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHTSHORTSEQUENCE case...

ALPINE-CVE-2018-20362

A NULL pointer dereference was discovered in ifilterbank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHTSHORTSEQUENCE case...

DEBIAN-CVE-2018-20362

A NULL pointer dereference was discovered in ifilterbank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHTSHORTSEQUENCE case...

VUEMUIAgent not launching when login to Windows right away after getting Ctrl+Alt+Del

VUEMUIAgent not launching after login to user session right away after getting to Ctrl+Alt+Del. When waiting for about two minutes at Ctrl+Alt+Del without login, and then after the two minutes we login, then the VUEMUIAgent launches fine...

ALPINE-CVE-2018-20199

A NULL pointer dereference was discovered in ifilterbank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the...

DEBIAN-CVE-2018-20198

A NULL pointer dereference was discovered in ifilterbank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the...

UBUNTU-CVE-2018-20198

A NULL pointer dereference was discovered in ifilterbank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the...

DEBIAN-CVE-2018-20199

A NULL pointer dereference was discovered in ifilterbank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service because adding to windowed output is mishandled in the...

DEBIAN-CVE-2018-20167

Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \epn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME types...

PT-2018-15281 · Enlightenment +1 · Terminology +1

Name of the Vulnerable Software and Affected Versions: Terminology versions prior to 1.3.1 Description: The issue allows Remote Code Execution due to the mishandling of popmedia. This can be demonstrated by an unsafe command, such as "cat README.md", when a specific sequence is used. A popmedia...

PT-2018-3077 · Audiocoding +1 · Faad2 +1

Name of the Vulnerable Software and Affected Versions: Freeware Advanced Audio Decoder 2 FAAD2 version 2.8.8 Description: A NULL pointer dereference was discovered in the ifilter bank function of libfaad/filtbank.c. This issue causes a segmentation fault and application crash due to mishandling o...

LiteSpeed OpenLiteSpeed Denial of Service Vulnerability

LiteSpeed OpenLiteSpeed is an open source lightweight HTTP server . A denial of service vulnerability exists in LiteSpeed OpenLiteSpeed versions prior to 1.5.0 RC6, which stems from the program's failure to properly handle requests for sequences of bytes, and can be exploited to cause a denial of...

kernel: Use-after-free in the vmacache_flush_all function resulting in a possible privilege escalation

A security flaw was discovered in the Linux kernel. The vmacacheflushall function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free and possibly gain privileges via certain thread creation, map, unmap, invalidation, and dereference operations...

CVE-2018-19185

An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoderencodeOctetString in mms/asn1/berencoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector...

Heap overflow

An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoderencodeOctetString in mms/asn1/berencoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector...

F5 Networks BIG-IP : TMM vulnerability (K37404773)

An undisclosed sequence of packets, sourced from an adjacent network may cause TMM to crash.CVE-2017-6134 Impact This issue is exposed in the default configuration. Traffic processing is disrupted while the Traffic Management Microkernel TMM restarts. If the affected F5 device is configured as pa...

CVE-2018-7356

All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number ISN reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers to spoof connections...

Huawei Watch Privilege Control Vulnerability

Huawei Watch 2 is Huawei's second generation smart sports watch. A privilege control vulnerability exists in Huawei Watch 2. Due to misconfiguration of privileges for specific operations, an attacker who has been informed that the watch is bound to a Huawei account can bypass privilege checking b...