Lucene search

7301 matches found

RedHat Linux
added 2021/05/18 3:39 p.m., 93 views

Moderate: Red Hat Security Advisory: python3 security update

An update for python3 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

CVSS: 9.8, AI score: 7, EPSS: 0.35963
Exploits: 3, References: 8
CVE
added 2021/05/18 2:3 p.m., 43 views

CVE-2020-23851

FFJPEG is affected by a stack-based buffer overflow in the jfif_decode(void *ctxt, BMP *pb) function (ffjpeg/src/jfif.c:513:28) that could cause denial of service when processing specially crafted JPEGs. Affected versions are FFJPEG prior to 2020-07-02. Several sources reiterate this flaw (CVE-20...

CVSS: 5.5, AI score: 5.7, EPSS: 0.00698
Exploits: 1, References: 1, Affected Software: 1
IBM Security Bulletins
added 2021/05/18 11:37 a.m., 33 views

Security Bulletin: A vulnerability in Java affects IBM Cloud Pak for Multicloud Management Monitoring

Summary Eclipse OpenJ9 is vulnerable to a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause th...

CVSS: 9.8, AI score: 2.7, EPSS: 0.01532
Exploits: 0, Affected Software: 1
Rockylinux
added 2021/05/18 6:18 a.m., 46 views

python38:3.8 security update

An update is available for python-psycopg2, python-PyMySQL, python-lxml, python3x-six, python-urllib3, PyYAML, python-jinja2, python-requests, modwsgi, python38, python-asn1crypto, python3x-pip, python-chardet, python-markupsafe, Cython, python-psutil, python-ply, babel, python-wheel,...

CVSS: 9.8, AI score: 9.3, EPSS: 0.23293
Exploits: 3
AlmaLinux
added 2021/05/18 6:2 a.m., 61 views

Moderate: python27:2.7 security and bug fix update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...

CVSS: 9.8, AI score: 9.4, EPSS: 0.23293
Exploits: 3, References: 5
OSV
added 2021/05/18 6:2 a.m., 35 views

ALSA-2021:1761 Moderate: python27:2.7 security and bug fix update

Python is an interpreted, interactive, object-oriented programming language that supports modules, classes, exceptions, high-level dynamic data types, and dynamic typing. The python27 packages provide a stable release of Python 2.7 with a number of additional utilities and database connectors for...

CVSS: 9.8, AI score: 9, EPSS: 0.23293
Exploits: 3, References: 5
ICS
added 2021/05/17 12:0 a.m., 296 views

ICSA-21-040-06_Siemens JT2Go and Teamcenter Visualization (Update A)

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Siemens Equipment: JT2Go and Teamcenter Visualization Vulnerabilities: Out-of-bounds Read, Improper Restriction of Operations within the Bounds of a Memory Buffer, Stack-based Buffer overflow, Out-of-Bounds Write, Type...

CVSS: 8.8, AI score: 8.7, EPSS: 0.03991
Exploits: 0, References: 11
NVD
added 2021/05/13 7:15 p.m., 9 views

CVE-2021-27413

Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...

CVSS: 7.8, EPSS: 0.09987
Exploits: 0, References: 2
CVE
added 2021/05/12 1:18 p.m., 53 views

CVE-2021-27398

Tecnomatix Plant Simulation (all versions

CVSS: 7.8, AI score: 7.6, EPSS: 0.0145
Exploits: 0, References: 2, Affected Software: 1
ICS
added 2021/05/11 12:0 a.m., 34 views

Omron CX-One

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: Omron Equipment: CX-One Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow arbitrary code execution. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The...

CVSS: 7.8, AI score: 8, EPSS: 0.09987
Exploits: 0, References: 5
ICS
added 2021/05/11 12:0 a.m., 93 views

Siemens SIMATIC UltraVNC HMI WinCC Products

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SIMATIC HMIs/WinCC Products Vulnerabilities: Improper Initialization, Out-of-bounds Read, Heap-based Buffer Overflow, Stack-based Buffer Overflow, Access of Memory Location After End...

CVSS: 9.8, AI score: 9.6, EPSS: 0.04843
Exploits: 0, References: 11
NVD
added 2021/05/07 2:15 p.m., 24 views

CVE-2021-22673

The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK...

CVSS: 8, EPSS: 0.01209
Exploits: 0, References: 1
Prion
added 2021/05/07 2:15 p.m., 19 views

Stack overflow

The affected product is vulnerable to stack-based buffer overflow while processing over-the-air firmware updates from the CDN server, which may allow an attacker to remotely execute code on the SimpleLink Wi-Fi MSP432E4 SDK: v4.20.00.12 and prior, CC32XX SDK v4.30.00.06 and prior, CC13X0 SDK...

CVSS: 6, AI score: 8.6, EPSS: 0.01209
Exploits: 0, References: 1, Affected Software: 7
CVE
added 2021/05/07 1:21 p.m., 49 views

CVE-2021-22673

The CVE-2021-22673 entry concerns Texas Instruments SimpleLink wireless MCUs. A stack-based buffer overflow bug occurs while processing over-the-air firmware updates from the CDN server, potentially allowing remote code execution on affected devices. Affected SDKs include MSP432E4 SDK v4.20.00.12...

CVSS: 8, AI score: 8.1, EPSS: 0.01209
Exploits: 0, References: 1, Affected Software: 7
Tenable Nessus
added 2021/05/07 12:0 a.m., 279 views

Siemens JT2Go < 13.1.0.1 Multiple Vulnerabilities (SSA-663999)

The version of Siemens JT2Go installed on the remote Windows hosts is prior to 13.1.0.1. It is, therefore, affected by multiple vulnerabilities, including the following: - A vulnerability has been identified in JT2Go. Affected applications lack proper validation of user-supplied data when parsing...

CVSS: 8.8, AI score: 7.2, EPSS: 0.03991
Exploits: 0, References: 22
CVE
added 2021/04/30 3:45 p.m., 61 views

CVE-2021-20515

CVE-2021-20515 affects IBM Informix Dynamic Server 14.10 and describes a stack-based buffer overflow caused by improper bounds checking. A locally privileged user could overflow a buffer and execute arbitrary code or cause a denial of service. IBM’s Security Bulletin lists 14.10.xC5 as the fix ve...

CVSS: 6.7, AI score: 7, EPSS: 0.00317
Exploits: 0, References: 2, Affected Software: 1
IBM Security Bulletins
added 2021/04/29 4:10 p.m., 24 views

Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) & Rational Directory Administrator

Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 and Version 8 used by Rational Directory Server Tivoli and Rational Directory Administrator. These issues were disclosed as part of the IBM Java SDK updates in February 2021. Upgrade the JRE in order to resolve...

CVSS: 9.8, AI score: 0.8, EPSS: 0.01532
Exploits: 0, Affected Software: 2
ICS
added 2021/04/29 12:0 a.m., 83 views

Texas Instruments SimpleLink

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Texas Instruments Equipment: SimpleLink Wi-Fi, MSP432, CC13XX, CC26XX, CC32XX, CC3100 Vulnerabilities: Stack-based Buffer Overflow, Integer Overflow or Wraparound 2. RISK EVALUATION Successful...

CVSS: 9.8, AI score: 8.7, EPSS: 0.01752
Exploits: 0, References: 5
NVD
added 2021/04/27 12:15 p.m., 15 views

CVE-2021-27480

Delta Industrial Automation COMMGR Versions 1.12 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute remote code...

CVSS: 9.8, EPSS: 0.01269
Exploits: 0, References: 1
Cvelist
added 2021/04/27 11:18 a.m., 21 views

CVE-2021-27480

Delta Industrial Automation COMMGR Versions 1.12 and prior are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute remote code...

AI score: 9.8, EPSS: 0.01269
Exploits: 0, References: 1