Smarthome,HiAPP,HwParentControl,HwParentControlParent,Crowdtest,HiWallet,Huawei Pay,Skytone,HwCloudDrive(EMUI6.0),HwPhoneFinder Security Vulnerabilities

EulerOS 2.0 SP12 : shim (EulerOS-SA-2024-1776)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact...

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2024-1780)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for util-linux (EulerOS-SA-2024-1757)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : util-linux (EulerOS-SA-2024-1757)

According to the versions of the util-linux packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an 'INPUTRC'...

EulerOS 2.0 SP12 : util-linux (EulerOS-SA-2024-1780)

According to the versions of the util-linux packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an 'INPUTRC'...

EulerOS 2.0 SP12 : docker-engine (EulerOS-SA-2024-1738)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service...

EulerOS 2.0 SP12 : openssl (EulerOS-SA-2024-1746)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1712)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1723)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : python-pillow (EulerOS-SA-2024-1751)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than...

Huawei EulerOS: Security Advisory for bind (EulerOS-SA-2024-1736)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1734)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for python-paramiko (EulerOS-SA-2024-1750)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1765)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1742)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1717)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : libuv (EulerOS-SA-2024-1743)

According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c (and its...

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1726)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1746)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1776)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : openssl (EulerOS-SA-2024-1769)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact...

EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2024-1767)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and...

Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2024-1749)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : sqlite (EulerOS-SA-2024-1777)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the...

EulerOS 2.0 SP12 : curl (EulerOS-SA-2024-1737)

According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file...

EulerOS 2.0 SP12 : python-paramiko (EulerOS-SA-2024-1773)

According to the versions of the python-paramiko package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to...

EulerOS 2.0 SP12 : sudo (EulerOS-SA-2024-1778)

According to the versions of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1718)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2024-1755)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1761)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for libuv (EulerOS-SA-2024-1728)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : python-pillow (EulerOS-SA-2024-1774)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-1738)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : docker-engine (EulerOS-SA-2024-1761)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1740)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : xorg-x11-server (EulerOS-SA-2024-1781)

According to the versions of the xorg-x11-server package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash...

EulerOS 2.0 SP12 : bind (EulerOS-SA-2024-1759)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect domain; is configured,...

EulerOS 2.0 SP12 : systemd (EulerOS-SA-2024-1756)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2024-1777)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : sqlite (EulerOS-SA-2024-1754)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2024-1725)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-1729)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : shim (EulerOS-SA-2024-1753)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack Impact...

EulerOS 2.0 SP12 : linux-sgx (EulerOS-SA-2024-1782)

According to the versions of the linux-sgx packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack...

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2024-1770)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1739)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for docker-runc (EulerOS-SA-2024-1762)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1730)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1768)

The remote host is missing an update for the Huawei...

EulerOS 2.0 SP12 : ncurses (EulerOS-SA-2024-1745)

According to the versions of the ncurses packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/lib_termcap.c.(CVE-2023-45918) NCurse v6.4-20230418 was discovered to...