CVE: none assigned, XSA-207: memory leak when destroying guest without PT devices Reference: CVE-2017-2615, XSA-208: oob access in cirrus bitblt copy Reference: CVE-2017-2620, XSA-209: cirrus_bitblt_cputovideo does not check if memory region is safe
Fixed in: Firefox ESR 45.4 CVE-2016-5270 - Heap-buffer-overflow in nsCaseTransformTextRunFactory::TransformString. An out-of-bounds write of a boolean value during text conversion with some unicode characters. [1291016] CVE-2016-5272 - Bad cast in nsImageGeometryMixin. A bad cast when processing layout with input elements can result in a potentially exploitable crash. [1297934] CVE-2016-5276 - Hea ...
CVE-2017-5006: Universal XSS in Blink.CVE-2017-5007: Universal XSS in Blink. CVE-2017-5008: Universal XSS in Blink.CVE-2017-5009: Out of bounds memory access in WebRTC. CVE-2017-5010: Universal XSS in Blink. CVE-2017-5011: Unauthorised file access in Devtools.CVE-2017-5012: Heap overflow in V8. CVE-2017-5013: Address spoofing in Omnibox.CVE-2017-5014: Heap overflow in Skia. CVE-2017-5015: Address ...
CVE-2017-15873: Integer overflow in the get_next_block function; The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.
CVE-2017-15873: Integer overflow in the get_next_block function The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.
CVE-2017-15873: Integer overflow in the get_next_block function¶ The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation.
The libtasn1 library, in its 4.7 version, can loop for a long time or indefinitely when it is used to parse DER representations of X509 certificates, leading to a denial of service. Some of these loops may in addition increase heap or stack usage, leading to more issues. libtasn1 before version 4.8 is vulnerable. Fixed In Version: libtasn1 4.8
The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. The following packages have been upgraded to a later upstream version: gnutls . Security Fix: * gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls * gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen ...
Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Security Fix: * perl: Integer overflow leading to buffer overflow in Perl_my_setenv For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Red Hat would like to thank ...