230 matches found
EulerOS 2.0 SP3 : ImageMagick (EulerOS-SA-2022-2615)
According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, whe...
EulerOS 2.0 SP3 : tcl (EulerOS-SA-2022-2637)
According to the versions of the tcl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTED In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties...
EulerOS 2.0 SP3 : e2fsprogs (EulerOS-SA-2022-2600)
According to the versions of the e2fsprogs packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code...
EulerOS 2.0 SP3 : golang (EulerOS-SA-2022-2610)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. CVE-2022-24675 - The gener...
EulerOS 2.0 SP3 : openldap (EulerOS-SA-2022-2628)
According to the versions of the openldap packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In OpenLDAP 2.x before 2.5.12 and 2.6.x before 2.6.2, a SQL injection vulnerability exists in the experimental back-sql backend to slapd, via ...
EulerOS 2.0 SP3 : tcpdump (EulerOS-SA-2022-2638)
According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:readinfile. To trigger this vulnerability the...
EulerOS 2.0 SP3 : numpy (EulerOS-SA-2022-2626)
According to the versions of the numpy packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DISPUTED Null Pointer Dereference vulnerability exists in numpy.sort in NumPy and 1.19 in the PyArrayDescrNew function due to missing return-valu...
EulerOS 2.0 SP3 : cifs-utils (EulerOS-SA-2022-2602)
According to the versions of the cifs-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers...
EulerOS 2.0 SP3 : java-1.7.0-openjdk (EulerOS-SA-2022-1732)
According to the versions of the java-1.7.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Serialization. Supported...
EulerOS 2.0 SP3 : log4j (EulerOS-SA-2022-1744)
According to the versions of the log4j package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j...
EulerOS 2.0 SP3 : file-roller (EulerOS-SA-2022-1717)
According to the versions of the file-roller packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory Traversal during...
EulerOS 2.0 SP3 : python-paramiko (EulerOS-SA-2022-1759)
According to the versions of the python-paramiko package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Paramiko before 2.10.1, a race condition between creation and chmod in the writeprivatekeyfile function could allow unauthorized...
EulerOS 2.0 SP3 : apr-util (EulerOS-SA-2022-1704)
According to the versions of the apr-util packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Apache Portable Runtime Utility APR-util 1.6.0 and prior fail to validate the integrity of SDBM database files used by aprsdbm functions,...
EulerOS 2.0 SP3 : unzip (EulerOS-SA-2022-1768)
According to the versions of the unzip package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound...
EulerOS 2.0 SP3 : zlib (EulerOS-SA-2022-1777)
According to the versions of the zlib packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant matches. CVE-2018-25032 Note that...
EulerOS 2.0 SP3 : python (EulerOS-SA-2022-1757)
According to the versions of the python packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator URL strings into...
EulerOS 2.0 SP3 : xorg-x11-server (EulerOS-SA-2022-1773)
According to the versions of the xorg-x11-server packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the...
EulerOS 2.0 SP3 : libvncserver (EulerOS-SA-2022-1740)
According to the versions of the libvncserver package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in LibVNCServer before 0.9.13. libvncserver/wsdecode.c can lead to a crash because of unaligned accesses in...
EulerOS 2.0 SP3 : php (EulerOS-SA-2022-1755)
According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexmlloadfile, URL-decode th...
EulerOS 2.0 SP3 : spamassassin (EulerOS-SA-2022-1764)
According to the versions of the spamassassin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration .cf files can be...