MiracleLinux 4 : libtiff-3.9.4-1.AXS4.3 (AXSA:2011-164:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-164:03 advisory. The libtiff package contains a library of functions for manipulating TIFF Tagged Image File Format image format files. TIFF is a widely used file format for...

CVE-2019-16403

In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values such as address, review, orders, etc. can also be manipulated by other customers...

Linux Distros Unpatched Vulnerability : CVE-2018-16403

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and dwarfhasattr in dwarfhasattr.c, leading to a...

RHEL 8 : elfutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - elfutils: Double-free due to double decompression of sections in crafted ELF causes crash CVE-2018-16402 ...

Oracle Linux 7 : elfutils (ELSA-2019-2197)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-2197 advisory. 0.176-2 - Add elfutils-0.176-xlate-note.patch 1704754 0.176-1 - New upstream release 1676504 CVE-2019-7146, CVE-2019-7148, CVE-2019-7149, CVE-2019-7150...

SUSE CVE-2018-16403

libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and dwarfhasattr in dwarfhasattr.c, leading to a heap-based buffer over-read and an application crash...

SUSE: Security Advisory (SUSE-SU-2022:2614-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15: dwarves / elfutils / elfutils-lang / libasm-devel / libasm1 / etc (SUSE-SU-2022:2614-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2614-1 advisory. elfutils was updated to version 0.177 jscSLE-24501: - elfclassify: New tool to analyze ELF...

SUSE: Security Advisory (SUSE-SU-2019:1733-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : elfutils (EulerOS-SA-2020-1634)

According to the version of the elfutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and dwarfhasattr in dwarfhasattr....

Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2020-1448)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2019-2141)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for elfutils (EulerOS-SA-2019-2313)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization for ARM 64 3.0.3.0 : elfutils (EulerOS-SA-2019-2313)

According to the versions of the elfutils packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarfgetabbrev in dwarfgetabbrev.c and...

Low: elfutils

Issue Overview: An out-of-bounds read was discovered in elfutils in the way it reads DWARF address ranges information. Function dwarfgetaranges in dwarfgetaranges.c does not properly check whether it reads beyond the limits of the ELF section. An attacker could use this flaw to cause a denial of...

NewStart CGSL CORE 5.04 / MAIN 5.04 : elfutils Multiple Vulnerabilities (NS-SA-2019-0209)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has elfutils packages installed that are affected by multiple vulnerabilities: - dwarfgetaranges in dwarfgetaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service heap-based buffer...

CVE-2019-16403

In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values such as address, review, orders, etc. can also be manipulated by other customers...

CVE-2019-16403

In Webkul Bagisto before 0.1.5, a lack of proper access control allows a user to modify their own data and that of other customers (e.g., address, reviews, orders) via vulnerable customer-endpoints. The root cause is an authorization/control flaw on customer data modification endpoints (e.g., /cu...

elfutils security update

CentOS Errata and Security Advisory CESA-2019:2197 An update for elfutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

CentOS 7 : elfutils (CESA-2019:2197)

An update for elfutils is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...