Advisories

  1. CVE-2017–14739: ImageMagick 7.0.7–4 mishandles failed memory allocation, which allows remote attackers to cause a denial of service.
  2. CVE-2017–14952: International Components for Unicode (ICU) for C/C++ through 59.1 contains a double free that allows remote attackers to execute arbitrary code.
  3. CVE-2017–15096: GlusterFS in versions prior to 3.10 contains a null pointer dereference that may cause denial of service.
  4. CVE-2017–16892: Bftpd 4.6 contains a memory leak which occurs if a mal-crafted sequence of FTP requests are received.
  5. CVE-2017–1000445: ImageMagick 7.0.7–1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service.
  6. CVE-2018–20786: libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, etc.
  7. CVE-2019–13238: In Bento4 1.5.1.0, a memory allocation failure is unhandled in Core/Ap4SdpAtom.cpp and leads to crashes.
  8. CVE-2019–13959: In Bento4 1.5.1–627, AP4 DataBuffer::Set­DataSize does not handle reallocation fail- ures, leading to a memory copy into a NULL pointer.
  9. CVE-2019–13960: In libjpeg-turbo 2.0.2, a large amount of memory can be used during processing of an invalid progressive JPEG image containing incorrect width and height values in the image header.