Smarthome,HiAPP,HwParentControl,HwParentControlParent,Crowdtest,HiWallet,Huawei Pay,Skytone,HwCloudDrive(EMUI6.0),HwPhoneFinder Security Vulnerabilities

EulerOS Virtualization 3.0.6.0 : python-cryptography (EulerOS-SA-2024-1700)

According to the versions of the python-cryptography packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. In ...

Huawei EulerOS: Security Advisory for linux-firmware (EulerOS-SA-2024-1692)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.6 : util-linux (EulerOS-SA-2024-1668)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via...

EulerOS Virtualization 3.0.6.0 : linux-firmware (EulerOS-SA-2024-1692)

According to the versions of the linux-firmware packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged...

EulerOS Virtualization 3.0.6.6 : glibc (EulerOS-SA-2024-1650)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an...

EulerOS Virtualization 3.0.6.6 : binutils (EulerOS-SA-2024-1645)

According to the versions of the binutils packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A memory consumption issue in get_data function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of...

EulerOS Virtualization 3.0.6.0 : python-urllib3 (EulerOS-SA-2024-1703)

According to the versions of the python-urllib3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : urllib3 before 1.24.2 does not remove the authorization HTTP header when following a cross-origin redirect (i.e., a...

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1693)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2024-1674)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.6 : harfbuzz (EulerOS-SA-2024-1652)

According to the versions of the harfbuzz packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the...

EulerOS Virtualization 3.0.6.6 : python (EulerOS-SA-2024-1663)

According to the versions of the python packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free exists in Python through 3.9 via heappushpop in heapq. (CVE-2022-48560) An XML External Entity (XXE) issue was...

EulerOS Virtualization 3.0.6.0 : python-mako (EulerOS-SA-2024-1701)

According to the versions of the python-mako packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse....

EulerOS Virtualization 3.0.6.0 : libXpm (EulerOS-SA-2024-1691)

According to the versions of the libXpm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user...

EulerOS Virtualization 3.0.6.6 : ghostscript (EulerOS-SA-2024-1649)

According to the versions of the ghostscript packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the...

Huawei EulerOS: Security Advisory for python-configobj (EulerOS-SA-2024-1699)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2024-1696)

According to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state...

Huawei EulerOS: Security Advisory for zlib (EulerOS-SA-2024-1710)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.6 : curl (EulerOS-SA-2024-1647)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of...

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2024-1683)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.0 : python-configobj (EulerOS-SA-2024-1699)

According to the versions of the python-configobj packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2024-1695)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1706)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.0 : grub2 (EulerOS-SA-2024-1683)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a...

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2024-1684)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for libtiff (EulerOS-SA-2024-1687)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.0 : ncurses (EulerOS-SA-2024-1693)

According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote...

Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2024-1702)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.0 : vim (EulerOS-SA-2024-1708)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. (CVE-2023-2609) Vim is an improved version of the good old...

EulerOS Virtualization 3.0.6.6 : python-configobj (EulerOS-SA-2024-1664)

According to the versions of the python-configobj package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : All versions of the package configobj are vulnerable to Regular Expression Denial of Service (ReDoS) via the validate...

EulerOS Virtualization 3.0.6.6 : httpd (EulerOS-SA-2024-1653)

According to the versions of the httpd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57....

EulerOS Virtualization 3.0.6.6 : krb5 (EulerOS-SA-2024-1654)

According to the versions of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A...

Huawei EulerOS: Security Advisory for libtommath (EulerOS-SA-2024-1688)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.6 : cups (EulerOS-SA-2024-1646)

According to the versions of the cups packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible...

EulerOS Virtualization 3.0.6.6 : bind (EulerOS-SA-2024-1644)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The code that processes control channel messages sent to named calls certain functions recursively during packet parsing....

EulerOS Virtualization 3.0.6.6 : libXpm (EulerOS-SA-2024-1658)

According to the versions of the libXpm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw...

EulerOS Virtualization 3.0.6.0 : python2 (EulerOS-SA-2024-1697)

According to the versions of the python2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A use-after-free exists in Python through 3.9 via heappushpop in heapq. (CVE-2022-48560) An XML External Entity (XXE) issue was...

EulerOS Virtualization 3.0.6.0 : python3 (EulerOS-SA-2024-1698)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity...

Huawei EulerOS: Security Advisory for shadow-utils (EulerOS-SA-2024-1705)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.6 : grub2 (EulerOS-SA-2024-1651)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An out-of-bounds write flaw was found in grub2's NTFS filesystem driver. This issue may allow an attacker to present a...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-1685)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.0 : qemu (EulerOS-SA-2024-1711)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special...

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2024-1711)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.6 : libX11 (EulerOS-SA-2024-1657)

According to the versions of the libX11 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a...

EulerOS Virtualization 3.0.6.6 : openssl (EulerOS-SA-2024-1660)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the...

EulerOS Virtualization 3.0.6.6 : kernel (EulerOS-SA-2024-1672)

According to the versions of the kernel package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The microcode on AMD 16h 00h through 0Fh processors does not properly handle the interaction between locked instructions and...

Huawei EulerOS: Security Advisory for libwebp (EulerOS-SA-2024-1689)

The remote host is missing an update for the Huawei...

EulerOS Virtualization 3.0.6.0 : libwebp (EulerOS-SA-2024-1689)

According to the versions of the libwebp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform...

EulerOS Virtualization 3.0.6.6 : samba (EulerOS-SA-2024-1665)

According to the versions of the samba packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets...

EulerOS Virtualization 3.0.6.6 : qemu (EulerOS-SA-2024-1671)

According to the versions of the qemu package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. The 9pfs server did not prohibit opening special...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-1677)

The remote host is missing an update for the Huawei...