The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Notes by IBM

HarfBuzz: memory corruption
An attacker can generate a memory corruption of HarfBuzz, in order to trigger a denial of service, and possibly to run code...
1983969, 1984073, 1987066, 1990410, CVE-2016-2052, openSUSE-SU-2016:2082-1, openSUSE-SU-2017:2488-1, USN-3067-1, VIGILANCE-VUL-20398
HarfBuzz: out-of-bounds memory reading via hb-ot-layout-gpos-table.hh
An attacker can force a read at an invalid address via hb-ot-layout-gpos-table.hh of HarfBuzz, in order to trigger a denial of service, or to obtain sensitive information...
1983969, 1984073, 1987066, 1990410, CVE-2015-8947, DLA-2040-1, openSUSE-SU-2016:2082-1, openSUSE-SU-2017:2488-1, USN-3067-1, VIGILANCE-VUL-20397
Oracle Java: vulnerabilities of July 2016
An attacker can use several vulnerabilities of Oracle Java...
1988339, 1988894, 1988978, 1989049, 1989337, 1990031, 1990448, 1991383, 1991909, 1991910, 1991911, 1991913, 1991997, 1995792, 1995799, 2001630, 2007242, 486953, CERTFR-2016-AVI-243, cpujul2016, CVE-2016-3458, CVE-2016-3485, CVE-2016-3498, CVE-2016-3500, CVE-2016-3503, CVE-2016-3508, CVE-2016-3511, CVE-2016-3550, CVE-2016-3552, CVE-2016-3587, CVE-2016-3598, CVE-2016-3606, CVE-2016-3610, DLA-579-1, DSA-3641-1, ESA-2016-099, FEDORA-2016-588e386aaa, FEDORA-2016-c07d18b2a5, FEDORA-2016-c60d35c46c, openSUSE-SU-2016:2050-1, openSUSE-SU-2016:2051-1, openSUSE-SU-2016:2052-1, openSUSE-SU-2016:2058-1, RHSA-2016:1458-01, RHSA-2016:1475-01, RHSA-2016:1476-01, RHSA-2016:1477-01, RHSA-2016:1504-01, RHSA-2016:1587-01, RHSA-2016:1588-01, RHSA-2016:1589-01, RHSA-2016:1776-01, SB10166, SOL05016441, SOL25075696, SUSE-SU-2016:1997-1, SUSE-SU-2016:2012-1, SUSE-SU-2016:2261-1, SUSE-SU-2016:2286-1, SUSE-SU-2016:2347-1, SUSE-SU-2016:2348-1, SUSE-SU-2016:2726-1, USN-3043-1, USN-3062-1, USN-3077-1, VIGILANCE-VUL-20169, ZDI-16-445, ZDI-16-446, ZDI-16-447, ZDI-16-448
Flexera InstallShield, JRSoft Inno Setup: code execution via DLL-planting
An attacker can create a malicious DLL for Flexera InstallShield or JRSoft Inno Setup, in order to run code with administrator privileges...
1610582, 1978168, 1978363, 1979808, 1980839, 1982467, 1982741, 1982809, 1983796, 1983797, 1983813, 1983814, 1983815, 1984184, 1984743, 1984863, 494999, CVE-2016-2542, ESA-2017-008, FG-IR-16-046, VIGILANCE-VUL-19558
Apache Xerces-C: denial of service via a deeply nested DTD
An attacker can submit an XML document including a deeply nested DTD to Apache Xerces-C, in order to trigger a denial of service...
1983969, 1984073, 1987066, 1990410, cpujul2018, CVE-2016-4463, DLA-535-1, DSA-3610-1, FEDORA-2016-0a061f6dd9, FEDORA-2016-7615febbd6, FEDORA-2016-84373c5f4f, FEDORA-2016-87e8468465, FEDORA-2016-9284772686, FEDORA-2016-d2d6890690, FEDORA-2018-51ce232320, openSUSE-SU-2016:1808-1, openSUSE-SU-2016:2232-1, RHSA-2018:3335-01, RHSA-2018:3506-01, RHSA-2018:3514-01, SB10276, SOL70191975, SUSE-SU-2018:3277-1, VIGILANCE-VUL-20001
expat: denial of service via a CHM file
An attacker can raise a fatal error in pointer arithmetic in expat, while processing a CHM file, in order to make expat crash...
1988026, 1990421, 1990658, CERTFR-2018-AVI-288, CVE-2016-4472, FEDORA-2016-0fd6ca526a, FEDORA-2016-60889583ab, FEDORA-2016-7c6e7a9265, SSA:2016-359-01, SSA:2017-266-02, SSA:2018-124-01, SUSE-SU-2020:0497-1, TNS-2018-08, USN-3013-1, VIGILANCE-VUL-19932
expat: unsuitable use of pseudo random number generator
The change that aimed fix VIGILANCE-VUL-11420.introduced a wrong initialisation of the pseudo random number generator...
1990421, 1990658, CERTFR-2018-AVI-288, CVE-2012-6702, DLA-508-1, DSA-3597-1, FEDORA-2016-0fd6ca526a, FEDORA-2016-60889583ab, FEDORA-2016-7c6e7a9265, K65460334, openSUSE-SU-2017:0483-1, SSA:2016-359-01, TNS-2018-08, USN-3010-1, USN-3013-1, VIGILANCE-VUL-19837
expat: denial of service via hash collision
An attacker can trigger collisions in hash tables, in order to reduce performances of applications using expat...
1990421, 1990658, CERTFR-2018-AVI-288, cpujul2018, CVE-2016-5300, DLA-508-1, DSA-3597-1, FEDORA-2016-0fd6ca526a, FEDORA-2016-60889583ab, FEDORA-2016-7c6e7a9265, K70938105, openSUSE-SU-2017:0483-1, SOL70938105, SSA:2016-359-01, SSA:2018-124-01, TNS-2018-08, USN-3010-1, USN-3013-1, VIGILANCE-VUL-19836
Expat: buffer overflow
An attacker can generate a buffer overflow of Expat, in order to trigger a denial of service, and possibly to run code...
1988026, 1990421, 1990658, 2000347, bulletinjul2016, CERTFR-2018-AVI-288, cpujul2018, CVE-2016-0718, DSA-3582-1, FEDORA-2016-0fd6ca526a, FEDORA-2016-60889583ab, FEDORA-2016-7c6e7a9265, HT206903, K52320548, openSUSE-SU-2016:1441-1, openSUSE-SU-2016:1523-1, RHSA-2016:2824-01, SSA:2016-359-01, SSA:2017-266-02, SSA:2018-124-01, SUSE-SU-2016:1508-1, SUSE-SU-2016:1512-1, SUSE-SU-2020:0497-1, TNS-2016-11, TNS-2018-08, USN-2983-1, USN-3013-1, VIGILANCE-VUL-19644
IBM JDK: code execution via CORBA Deserialization
An attacker can use a vulnerability in CORBA Deserialization of IBM JDK, in order to run code...
1984678, 1985875, 1987778, CVE-2016-0376, RHSA-2016:0701-01, RHSA-2016:0702-01, RHSA-2016:0708-01, RHSA-2016:0716-01, RHSA-2016:1039-01, SUSE-SU-2016:1299-1, SUSE-SU-2016:1300-1, SUSE-SU-2016:1303-1, SUSE-SU-2016:1378-1, SUSE-SU-2016:1379-1, SUSE-SU-2016:1388-1, SUSE-SU-2016:1458-1, SUSE-SU-2016:1475-1, VIGILANCE-VUL-19499
Our database contains other pages. You can request a free trial to read them.