Smarthome,HiAPP,HwParentControl,HwParentControlParent,Crowdtest,HiWallet,Huawei Pay,Skytone,HwCloudDrive(EMUI6.0),HwPhoneFinder Security Vulnerabilities

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1497)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP9 : binutils (EulerOS-SA-2024-1503)

According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. (CVE-2022-44840) Note...

EulerOS 2.0 SP9 : pam (EulerOS-SA-2024-1492)

According to the versions of the pam package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call...

EulerOS 2.0 SP9 : bind (EulerOS-SA-2024-1502)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of service...

EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2024-1510)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and...

EulerOS 2.0 SP9 : binutils (EulerOS-SA-2024-1482)

According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. (CVE-2022-44840) Note...

EulerOS 2.0 SP9 : xorg-x11-server (EulerOS-SA-2024-1522)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently...

EulerOS 2.0 SP9 : python-configobj (EulerOS-SA-2024-1514)

According to the versions of the python-configobj package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using...

EulerOS 2.0 SP9 : samba (EulerOS-SA-2024-1517)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but...

Huawei EulerOS: Security Advisory for graphviz (EulerOS-SA-2024-1487)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for giflib (EulerOS-SA-2024-1506)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2024-1495)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than...

EulerOS 2.0 SP9 : xorg-x11-server (EulerOS-SA-2024-1501)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently...

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2024-1521)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1491)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1511)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1490)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2024-1492)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP9 : gnutls (EulerOS-SA-2024-1507)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1507)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1486)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2024-1482)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2024-1503)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for systemd (EulerOS-SA-2024-1499)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP9 : sqlite (EulerOS-SA-2024-1519)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the...

EulerOS 2.0 SP9 : systemd (EulerOS-SA-2024-1520)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2024-1505)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP9 : python-pillow (EulerOS-SA-2024-1516)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1512)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2024-1494)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for giflib (EulerOS-SA-2024-1485)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-1484)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a...

EulerOS 2.0 SP9 : ncurses (EulerOS-SA-2024-1511)

According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c. (CVE-2023-45918) Note that Tenable Network Security has...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2024-1517)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for ghostscript (EulerOS-SA-2024-1484)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP9 : samba (EulerOS-SA-2024-1496)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An information leak vulnerability was discovered in Samba's LDAP server. Due to missing access control checks, an authenticated but...

EulerOS 2.0 SP9 : giflib (EulerOS-SA-2024-1485)

According to the versions of the giflib packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A memory leak (out-of-memory) in gif2rgb in util/gif2rgb.c in giflib 5.1.4 allows remote attackers trigger an out of memory exception or...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2024-1498)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1502)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP9 : unbound (EulerOS-SA-2024-1521)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of...

EulerOS 2.0 SP9 : python-configobj (EulerOS-SA-2024-1493)

According to the versions of the python-configobj package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate function, using...

EulerOS 2.0 SP9 : ghostscript (EulerOS-SA-2024-1505)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a...

EulerOS 2.0 SP9 : python-cryptography (EulerOS-SA-2024-1515)

According to the versions of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid...

Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2024-1496)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2024-1489)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and...

EulerOS 2.0 SP9 : docker-runc (EulerOS-SA-2024-1504)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an...

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2024-1513)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP9 : docker-runc (EulerOS-SA-2024-1483)

According to the versions of the docker-runc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an...

EulerOS 2.0 SP9 : systemd (EulerOS-SA-2024-1499)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when...

Huawei EulerOS: Security Advisory for python-cryptography (EulerOS-SA-2024-1515)

The remote host is missing an update for the Huawei...