CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

CVE-2019-15942

CVE-2019-15942 affects FFmpeg up to version 4.2. The vulnerability is a condition/branch issue in the H.264 parser (libavcodec/h2645_parse.c) where alloc_rbsp_buffer mishandles rbsp_buffer, resulting in a numeric/conditional jump based on an uninitialized value. This can lead to a crash under cra...

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

CVE-2019-15942

FFmpeg through 4.2 has a "Conditional jump or move depends on uninitialised value" issue in h2645parse because allocrbspbuffer in libavcodec/h2645parse.c mishandles rbspbuffer...

SUSE SLES12 Security Update : openldap2 (SUSE-SU-2019:0931-1)

This update for openldap2 fixes the following issues : Security issues fixed : CVE-2017-9287: A double free vulnerability in the mdb backend during search with page size 0 was fixed bsc1041764. CVE-2017-17740: Fixed a denial of service slapd crash via a member MODDN operation that could have been...

Denial Of Service (DoS) Through Uninitialized Memory Exposure

concat-with-sourcemaps is vulnerable to denial of service DoS through uninitialised memory exposure. The attacker can launch the attack if a large number is used to set as a separator...

CVE-2018-6947

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.662 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 32 and 64bit, and denial of service for Windows 8 and 10...

NoMachine nxfuse Privilege Escalation

from ctypes import from ctypes.wintypes import import struct import sys import os MEMCOMMIT = 0x00001000 MEMRESERVE = 0x00002000 PAGEEXECUTEREADWRITE = 0x00000040 GENERICREAD = 0x80000000 GENERICWRITE = 0x40000000 OPENEXISTING = 0x3 STATUSINVALIDHANDLE = 0xC0000008 shellcodelen = 90 s = aa s +=...

CVE-2017-15281

ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised values."...

SUSE SLED12 / SLES12 Security Update : openldap2 (SUSE-SU-2017:1567-1)

This update for openldap2 fixes the following issues: Security issues fixed : - CVE-2017-9287: A double free vulnerability in the mdb backend during search with page size 0 was fixed bsc1041764 Non security bugs fixed : - Let OpenLDAP read system-wide certificates by default and don't hide the...

LG G4 MRA58K - mkvparser::Tracks constructor Failure to Initialise Pointers Exploit

Exploit for Android platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1117 Failure to initialise pointers in mkvparser::Tracks constructor The constructor mkvparser::Tracks::Tracks doesn't handle parsing failures correctly. If we look at the function...

Information Disclosure

concat-stream is vulnerable to information disclosure. A malicious user can pass a number to the stringConcat function to cause it to print out uninitialised memory in the stream...

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2016-431)

This update for java-170-openjdk fixes the following issues : java-170-openjdk was updated to 2.6.5 - OpenJDK 7u99 boo972468 - Security fixes - S8152335, CVE-2016-0636: Improve MethodHandle consistency - Import of OpenJDK 7 u99 build 0 - S6425769, PR2858: Allow specifying an address to bind JMX...

Fedora 21 : xen-4.4.1-2.fc21 (2014-10531)

Mishandling of uninitialised FIFO-based event channel control blocks XSA-107, CVE-2014-6268 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...

information leak via gnttab_setup_table on ARM

ISSUE DESCRIPTION When initialising an internal data structure on ARM platform Xen was not correctly initialising the memory containing the list of a domain's grant table pages. This list is returned by the GNTTABOPsetuptable subhypercall, leading to an information leak. IMPACT Malicious guest...

[SECURITY] [DSA 2760-1] chrony security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2760-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 18, 2013 http://www.debian.org/security/faq -...

[SECURITY] [DSA 2760-1] chrony security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2760-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 18, 2013 http://www.debian.org/security/faq -...

Debian: Security Advisory (DSA-2760-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2548-1 : tor - several vulnerabilities

Several vulnerabilities have been discovered in Tor, an online privacy tool. - CVE-2012-3518 Avoid an uninitialised memory read when reading a vote or consensus document that has an unrecognized flavour name. This could lead to a remote crash, resulting in denial of service. - CVE-2012-3519 Try t...