OSS-fuzz, assisted by Max Dymond, discovered that cURL, an URL transferlibrary, could be tricked into reading data beyond the end of a heapbased buffer when parsing invalid headers in an RTSP response.
More info:
https://www.debian.org/security/2018/dsa-4202
Oracle Access Manager vulnerability CVE-2018-2739 and CVE-2018-2587. Security Advisory. Security Advisory Description. CVE-2018-2739 ...
More info:
https://support.f5.com/csp/article/K84891934
ISC BIND vulnerability CVE-2018-5736. Security Advisory. Security Advisory Description. ** RESERVED ** This candidate ...
More info:
https://support.f5.com/csp/article/K82069123
Hans Jerry Illikainen discovered a type conversion vulnerability in theMP4 demuxer of the VLC media player, which could result in the executionof arbitrary code if a malformed media file is played.
More info:
https://www.debian.org/security/2018/dsa-4203
ISC BIND vulnerability CVE-2018-5737. Security Advisory. Security Advisory Description. ** RESERVED ** This candidate ...
More info:
https://support.f5.com/csp/article/K16576941
More info:
https://wpvulndb.com/vulnerabilities/9086
