Fedora 28 : zsh (2018-a5e9a619f6)

update to latest upstream release, which fixes the following vulnerabilities : - CVE-2018-1100 - stack-based buffer overflow in utils.c:checkmailpath - CVE-2018-1083 - stack-based buffer overflow in compctl.c:genmatchesfiles - CVE-2018-1071 - stack-based buffer overflow in exec.c:hashcmd Note tha...

SUSE SLED15 / SLES15 Security Update : libsndfile (SUSE-SU-2018:2074-1)

This update for libsndfile fixes the following issues: Security issues fixed : - CVE-2018-13139: Fix a stack-based buffer overflow in psfmemset in common.c that allows remote attackers to cause a denial of service bsc1100167. - CVE-2017-17456: Prevent segmentation fault in the function d2alawarra...

SUSE SLES12 Security Update : php7 (SUSE-SU-2016:2460-1)

This update for php7 fixes the following security issues : - CVE-2016-6128: Invalid color index not properly handled bsc987580 - CVE-2016-6161: global out of bounds read when encoding gif from malformed input withgd2togif bsc988032 - CVE-2016-6292: NULL pointer dereference in exifprocessusercomme...

Horner Automation Cscape CSP File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Horner Automation Cscape. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2018:3159-1)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain...

SUSE SLES15 Security Update : ovmf (SUSE-SU-2018:4155-1)

This update for ovmf fixes the following issues : Security issues fixed : CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. CVE-2017-5732: Fixed privilege...

SUSE SLED15 / SLES15 Security Update : tcpdump (SUSE-SU-2018:4131-1)

This update for tcpdump fixes the following issues : Security issues fixed : CVE-2018-19519: Fixed a stack-based buffer over-read in the printprefix function bsc1117267 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenab...

SUSE SLES12 Security Update : php5 (SUSE-SU-2016:2477-1)

This update for php5 fixes the following security issues : - CVE-2016-7411: php5: Memory corruption when destructing deserialized object - CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNEDFLAG in BIT field - CVE-2016-7413: Use after free in wddxdeserialize - CVE-2016-7414: Out o...

openSUSE Security Update : libraw (openSUSE-2018-1619)

This update for libraw fixes the following issues : The following security vulnerabilities were addressed : - CVE-2018-5804: Fixed a type confusion error within the identify function that could trigger a division by zero, leading to a denial of service Dos. boo1097975 - CVE-2018-5805: Fixed a...

CVE-2018-20593

In Mini-XML aka mxml v2.12, there is stack-based buffer overflow in the scanfile function in mxmldoc.c...

Stack overflow

In Mini-XML aka mxml v2.12, there is stack-based buffer overflow in the scanfile function in mxmldoc.c...

CVE-2018-20593

In Mini-XML aka mxml v2.12, there is stack-based buffer overflow in the scanfile function in mxmldoc.c...

CVE-2018-20593

CVE-2018-20593 affects Mini-XML (mxml) 2.12, with a stack-based buffer overflow in the scan_file function of mxmldoc.c. Connected advisories confirm the issue across multiple distributions and track a set of related CVEs (CVE-2018-20004, -20005, -20592, -20593), indicating the vulnerability arise...

MGASA-2018-0492 Updated tcpdump package fixes security vulnerability

Fixed a stack-based buffer over-read in the printprefix function CVE-2018-19519...

Updated tcpdump package fixes security vulnerability

Fixed a stack-based buffer over-read in the printprefix function CVE-2018-19519...

EulerOS 2.0 SP2 : libsndfile (EulerOS-SA-2018-1447)

According to the version of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application cra...

Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20181220)

Security Fixes : - ntp: Stack-based buffer overflow in ntpq and ntpdc allows denial of service or code execution CVE-2018-12327 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid119884; scriptversion"1.4";...

Debian: Security Advisory (DLA-1618-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-20456

In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asmx86nz.c may allow attackers to cause a denial of service application crash in libr/util/strbuf.c via a stack-based buffer over-read by crafting an input file, a related issue to CVE-2018-20455...

CVE-2018-20460

In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service application crash caused by stack-based buffer overflow by crafting an input file...