1495 matches found
OSV-2021-1691 UNKNOWN READ in kh_resize_ucl_hash_node
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42323 Crash type: UNKNOWN READ Crash state: kh_resize_ucl_hash_node kh_put_ucl_hash_node ucl_hash_insert...
CVE-2020-36131
AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/ratehist.c...
SUSE-SU-2021:3840-1 Security update for python-Pygments
This update for python-Pygments fixes the following issues: - CVE-2021-27291: Fixed ReDoS via crafted malicious input (bsc#1184812)...
ASB-A-190404405
Bulletin has no description...
DEBIAN-CVE-2021-3974
vim is vulnerable to Use After Free...
OSV-2021-1559 Heap-buffer-overflow in ih264d_mark_err_slice_skip
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40851 Crash type: Heap-buffer-overflow WRITE 4 Crash state: ih264d_mark_err_slice_skip ih264d_video_decode ih264d_api_function...
CVE-2021-42074
An issue was discovered in Barrier before 2.3.4. An unauthenticated attacker can cause a segmentation fault in the barriers component aka the server-side implementation of Barrier by quickly opening and closing TCP connections while sending a Hello message for each TCP session...
SUSE-SU-2021:3562-1 Security update for SUSE Manager Server 4.1
This update fixes the following issues: spacewalk-admin: - Version 4.1.10-1 Fix setup with rhn-config-satellite (bsc#1190300) Allow admins to modify only spacewalk config files with rhn-config-satellite.pl (bsc#1190040) CVE-2021-40348 How to apply this update: 1. Log in as root user to the SUSE Manager...
CVE-2021-42715
An issue was discovered in stb stb_image.h 1.33 through 2.27. The HDR loader parsed truncated end-of-file RLE scanlines as an infinite sequence of zero-length runs. An attacker could potentially have caused denial of service in applications using stb_image by submitting crafted HDR files...
OSV-2021-1475 Heap-buffer-overflow in derive_spatial_luma_vector_prediction
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=40107 Crash type: Heap-buffer-overflow READ 1 Crash state: derive_spatial_luma_vector_prediction fill_luma_motion_vector_predictors motion_vectors_and_ref_indices...
CVE-2021-40886
Projectsend version r1295 is affected by a directory traversal vulnerability. A user with Uploader role can add value 2 for chunks parameter to bypass fileName sanitization...
PUB-A-186337918
In several functions of verifier.c, there is a possible way to disclose kernel memory due to side channel information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation...
Failed to Verify the Connection to SQL Server
Challenge: To back up a database, workers must be able to connect to the source SQL server. In case of consistent backup using a staging server, the workers must connect to the staging server. Connection to the source server is not required as Microsoft Azure performs the copy from the source to t...
Asus Rog Armory Crate Code Issue Vulnerability
Asus Rog Armory Crate is a one-stop application from Asus China Inc. for connecting, configuring and controlling a vast array of Rog gaming products. A security vulnerability exists in Asus Rog Armory Crate Lite versions prior to 4.2.10, which stems from the software previously allowing local use...
CVE-2020-21531
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c...
Unable to see the analytics on ADM
Analytics data not visible on ADM...
OSV-2021-1245 Heap-buffer-overflow in ucl_object_dtor_unref_single
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38550 Crash type: Heap-buffer-overflow READ 8 Crash state: ucl_object_dtor_unref_single ucl_object_dtor_unref ucl_hash_destroy...
OSV-2021-1228 Heap-buffer-overflow in backup_lpf
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=38369 Crash type: Heap-buffer-overflow READ Crash state: backup_lpf dav1d_lr_copy_lpf_16bpc dav1d_filter_sbrow_deblock_rows_16bpc...
Citrix Applayering Packaging VM boot error 0xC000000F
Application layer packaging VM boot fails with the boot error 0xC000000F. The above error appears on the packaging VM while you create a new application layer/edit an application layer with an OS layer version where the language packs are newly installed, but this boot failure doesn't appear...
GHSA-36XW-HGFV-JWM7 Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr
arr crate contains multiple security issues. Specifically, 1. It incorrectly implements Sync/Send bounds, which allows smuggling non-Sync/Send types across the thread boundary. 2. Index and IndexMut implementation does not check the array bound. 3. Array::new_from_template drops uninitialized memo...