An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression. Date published : 2018-07-28 https://www.debian.org/security/2018/dsa-4260 https://security.gentoo.org/glsa/201903-20
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite. Date published : 2018-07-28 https://www.debian.org/security/2018/dsa-4260 https://security.gentoo.org/glsa/201903-20
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames. Date published : 2018-07-28 https://www.debian.org/security/2018/dsa-4260 https://security.gentoo.org/glsa/201903-20
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and...
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a...
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack. Date published : 2018-07-28 https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02 https://www.debian.org/security/2018/dsa-4296
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an...
A heap buffer overflow flaw was found in QEMU’s Cirrus CLGD 54xx VGA emulator’s VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after...
A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite...
A vulnerability was discovered in SPICE before 0.13.90 in the server’s protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash. Date...
A vulnerability was discovered in SPICE before 0.13.90 in the server’s protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible...
In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service using the libradosstriper library. Date published : 2018-07-27 http://www.securityfocus.com/bid/99075 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7519
The dialog for creating cloud volumes (cinder provider) in CloudForms does not filter cloud tenants by user. An attacker with the ability to create storage volumes could use this to create storage volumes for...
It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py. Date published : 2018-07-27 http://www.securityfocus.com/bid/98569 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7470