SUSE SLES15 Security Update : ovmf (SUSE-SU-2018:4155-1)

This update for ovmf fixes the following issues : Security issues fixed : CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. CVE-2017-5732: Fixed privilege...

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2018:3159-1)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-17182: The vmacacheflushall function in mm/vmacache.c mishandled sequence number overflows. An attacker can trigger a use-after-free and possibly gain...

SUSE SLES12 Security Update : php5 (SUSE-SU-2016:2477-1)

This update for php5 fixes the following security issues : - CVE-2016-7411: php5: Memory corruption when destructing deserialized object - CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNEDFLAG in BIT field - CVE-2016-7413: Use after free in wddxdeserialize - CVE-2016-7414: Out o...

openSUSE Security Update : libraw (openSUSE-2018-1619)

This update for libraw fixes the following issues : The following security vulnerabilities were addressed : - CVE-2018-5804: Fixed a type confusion error within the identify function that could trigger a division by zero, leading to a denial of service Dos. boo1097975 - CVE-2018-5805: Fixed a...

CVE-2018-20593

In Mini-XML aka mxml v2.12, there is stack-based buffer overflow in the scanfile function in mxmldoc.c...

Stack overflow

In Mini-XML aka mxml v2.12, there is stack-based buffer overflow in the scanfile function in mxmldoc.c...

CVE-2018-20593

CVE-2018-20593 affects Mini-XML (mxml) 2.12, with a stack-based buffer overflow in the scan_file function of mxmldoc.c. Connected advisories confirm the issue across multiple distributions and track a set of related CVEs (CVE-2018-20004, -20005, -20592, -20593), indicating the vulnerability arise...

CVE-2018-20593

In Mini-XML aka mxml v2.12, there is stack-based buffer overflow in the scanfile function in mxmldoc.c...

EulerOS 2.0 SP2 : libsndfile (EulerOS-SA-2018-1447)

According to the version of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A stack-based buffer overflow in psfmemset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service application cra...

Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20181220)

Security Fixes : - ntp: Stack-based buffer overflow in ntpq and ntpdc allows denial of service or code execution CVE-2018-12327 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid119884; scriptversion"1.4";...

Debian: Security Advisory (DLA-1618-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-20460

In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service application crash caused by stack-based buffer overflow by crafting an input file...

Stack overflow

In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service application crash caused by stack-based buffer overflow by crafting an input file...

CVE-2018-20460

In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service application crash caused by stack-based buffer overflow by crafting an input file...

CVE-2018-20455

In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asmx86nz.c may allow attackers to cause a denial of service application crash via a stack-based buffer overflow by crafting an input file, a related issue to CVE-2018-20456...

CVE-2018-20455

In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asmx86nz.c may allow attackers to cause a denial of service application crash via a stack-based buffer overflow by crafting an input file, a related issue to CVE-2018-20456...

CVE-2018-20460

In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service application crash caused by stack-based buffer overflow by crafting an input file...

openSUSE: Security Advisory for ovmf (openSUSE-SU-2018:4254-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for ovmf (moderate)

This update for ovmf fixes the following issues: Security issues fixed: - CVE-2018-3613: Fixed AuthVariable Timestamp zeroing issue on APPENDWRITE bsc1115916. - CVE-2017-5731: Fixed privilege escalation via processing of malformed files in TianoCompress.c bsc1115917. - CVE-2017-5732: Fixed...

CVE-2018-20337

There is a stack-based buffer overflow in the parsemakernote function of dcrawcommon.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...