CVE-2021-1136

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

CVE-2021-1244

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

CVE-2021-1244

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

CVE-2021-1136

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

Design/Logic Flaw

Multiple vulnerabilities in Cisco Network Convergence System NCS 540 Series Routers, only when running Cisco IOS XR NCS540L software images, and Cisco IOS XR Software for the Cisco 8000 Series Routers could allow an authenticated, local attacker to execute unsigned code during the boot process on...

Multiple Cisco Products Data Forgery Issue Vulnerabilities

The Cisco 8000 Series Router and the Cisco Network Convergence System 540 Series Routers are both router devices from Cisco USA. A data forgery vulnerability exists in Cisco IOS XR on multiple Cisco routers. The vulnerability is due to an unsigned script in the ISO that is verified without...

CentOS 8 : icedtea-web (CESA-2019:2004)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2004 advisory. - icedtea-web: unsigned code injection in a signed JAR file CVE-2019-10181 - icedtea-web: path traversal while processing elements of JNLP files result...

openSUSE Security Update : ImageMagick (openSUSE-2021-136)

This update for ImageMagick fixes the following issues : - CVE-2020-19667: Fixed a stack-based buffer overflow in XPM coder could result in a crash bsc1179103. - CVE-2020-25664: Fixed a heap-based buffer overflow in PopShortPixel bsc1179202. - CVE-2020-25665: Fixed a heap-based buffer overflow in...

ImageMagick Studio ImageMagick 输入验证错误漏洞

ImageMagick is a suite of open source image processing software. The software can read, convert or write images in a variety of formats. A security vulnerability exists in ImageMagick versions prior to 7.0.9-0, which stems from an out-of-range representable value range for the unsigned int type o...

Imagemagick Studio ImageMagick 输入验证错误漏洞

ImageMagick is a suite of open source image processing software. The software can read, convert or write images in a variety of formats. A code issue vulnerability exists in versions of ImageMagick prior to 7.0.9-0, which stems from an out-of-range representable value range for the unsigned float...

OSV-2017-126 Bad-cast to const std::__1::__less<unsigned long, unsigned long> *_start

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=606 Crash type: Bad-cast Crash state: Bad-cast to const std::1::less start...

OSV-2018-199 Heap-buffer-overflow in BEInt<unsigned short, 2>::operator unsigned short

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10986 Crash type: Heap-buffer-overflow READ 1 Crash state: BEInt::operator unsigned short AAT::LookupSegmentSingle ::cmp AAT::LookupSegmentSingle const OT::VarSizedBi...

OSV-2018-185 Heap-buffer-overflow in BEInt<unsigned short, 2>::operator unsigned short

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11001 Crash type: Heap-buffer-overflow READ 1 Crash state: BEInt::operator unsigned short OT::IndexSubtable::getextents OT::IndexSubtableRecord::getextents...

OSV-2018-176 Heap-buffer-overflow in BEInt<unsigned short, 2>::operator unsigned short

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10899 Crash type: Heap-buffer-overflow READ 1 Crash state: BEInt::operator unsigned short AAT::LookupSegmentSingle ::cmp AAT::LookupSegmentSingle const OT::VarSizedBi...

OSV-2018-174 Heap-buffer-overflow in BEInt<unsigned char, 1>::operator unsigned char

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11245 Crash type: Heap-buffer-overflow READ 1 Crash state: BEInt::operator unsigned char OT::KernSubTableFormat3::getkerning hbkernmachinet::kern...

OSV-2018-159 Use-of-uninitialized-value in AAT::LookupFormat8<OT::IntType<unsigned short, 2u> >::get_value

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10953 Crash type: Use-of-uninitialized-value Crash state: AAT::LookupFormat8 ::getvalue AAT::Lookup ::getvalue AAT::StateTable::getclass...

OSV-2018-162 Heap-buffer-overflow in BEInt<unsigned int, 4>::operator unsigned int

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=10948 Crash type: Heap-buffer-overflow READ 1 Crash state: BEInt::operator unsigned int OT::OffsetTo , OT::IntTypeunsigned i AAT::KerxSubTableFormat1::drivercontextt::drivercontextt...

OSV-2018-150 Global-buffer-overflow in BEInt<unsigned short, 2>::operator unsigned short

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11010 Crash type: Global-buffer-overflow READ 1 Crash state: BEInt::operator unsigned short AAT::ContextualSubtable::drivercontextt::transition void AAT::StateTableDriver::driveAAT::Conte...

OSV-2018-149 Heap-buffer-overflow in BEInt<unsigned int, 4>::operator unsigned int

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=11033 Crash type: Heap-buffer-overflow READ 1 Crash state: BEInt::operator unsigned int AAT::KerxSubTableFormat2::sanitize hbsanitizecontextt::returnt AAT::KerxTable::dispatch...