Lucene search
+L

62 matches found

OSV
OSV
added 2021/11/09 9:11 a.m.31 views

ALSA-2021:4364 Moderate: binutils security update

The binutils packages provide a collection of binary utilities for the manipulation of object code in various object file formats. It includes the ar, as, gprof, ld, nm, objcopy, objdump, ranlib, readelf, size, strings, strip, and addr2line utilities. Security Fixes: binutils: Excessive debug...

6.3CVSS6.9AI score0.01287EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2021/11/05 12:0 a.m.91 views

SUSE SLED15: binutils / binutils-devel / binutils-devel-32bit / binutils-gold / etc (SUSE-SU-2021:3616-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3616-1 advisory. Update to binutils 2.37: The GNU Binutils sources now requires a C99 compiler and library to build. Support for Realm...

6.3CVSS6.6AI score0.01287EPSS
Exploits10References37
OpenVAS
OpenVAS
added 2021/07/01 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-2024)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS6.4AI score0.00304EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/07/01 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-2058)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS6.4AI score0.00304EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/06/30 12:0 a.m.38 views

EulerOS Virtualization for ARM 64 3.0.6.0 : binutils (EulerOS-SA-2021-2024)

According to the versions of the binutils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and...

6.3CVSS6.9AI score0.00304EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/06/29 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-1976)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS6.4AI score0.00304EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2021/06/09 3:50 a.m.19 views

CVE-2021-20197 affecting package binutils 2.32-5

CVE-2021-20197 affecting package binutils 2.32-5. An upgraded version of the package is available that resolves this issue...

6.3CVSS9.9AI score0.00304EPSS
Exploits0
OpenVAS
OpenVAS
added 2021/06/07 12:0 a.m.22 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-1974)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS6.4AI score0.00304EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/06/04 12:0 a.m.44 views

EulerOS Virtualization 2.9.0 : binutils (EulerOS-SA-2021-1974)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy...

6.3CVSS7AI score0.00304EPSS
Exploits0References3
OSV
OSV
added 2021/03/26 5:15 p.m.39 views

CVE-2021-20197

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user presumably as part of a script updating binaries across different users, an unprivileged user can tric...

6.3CVSS6.6AI score
Exploits0References4
CVE
CVE
added 2021/03/26 4:47 p.m.221 views

CVE-2021-20197

CVE-2021-20197 is a local race-condition vulnerability in GNU Binutils (affecting ar, objcopy, strip, ranlib) up to version 2.35. An unprivileged user can exploit a symlink-based race window when these tools run as a privileged user to gain ownership of arbitrary files. The provided documents con...

6.3CVSS6.3AI score0.00304EPSS
Exploits0References4Affected Software1
OpenVAS
OpenVAS
added 2021/02/06 12:0 a.m.27 views

Fedora: Security Advisory for mingw-binutils (FEDORA-2021-354441fcdd)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.3CVSS6.5AI score0.00304EPSS
Exploits0References2
Check Point Advisories
Check Point Advisories
added 2020/01/09 12:0 a.m.30 views

Nagios XI Command Injection (CVE-2019-20197)

A command Injection vulnerability exists in Nagios XI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

9CVSS9.1AI score0.22404EPSS
Exploits1
CVE
CVE
added 2019/12/31 6:50 p.m.86 views

CVE-2019-20197

In Nagios XI 5.6.9, CVE-2019-20197 describes an OS command-injection vulnerability where an authenticated user can execute arbitrary commands via shell metacharacters in the id parameter to schedulereport.php, running with the web-server user context. The issue is triggered by crafted input, enab...

9CVSS8.9AI score0.22404EPSS
Exploits1References1Affected Software1
Debian
Debian
added 2019/05/19 1:47 p.m.160 views

[SECURITY] [DLA 1791-1] faad2 security update

Package : faad2 Version : 2.7-8+deb8u2 CVE ID : CVE-2018-20194 CVE-2018-20197 CVE-2018-20198 CVE-2018-20362 Multiple vulnerabilities have been found in faad2, the Freeware Advanced Audio Coder: CVE-2018-20194 CVE-2018-20197 Improper handling of implicit channel mapping reconfiguration leads to...

7.8CVSS7.8AI score0.01324EPSS
Exploits4
OpenVAS
OpenVAS
added 2019/05/19 12:0 a.m.110 views

Debian: Security Advisory (DLA-1791-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS6.5AI score0.01324EPSS
Exploits4References3
Virtuozzo
Virtuozzo
added 2019/03/14 12:0 a.m.20 views

Product update: Virtuozzo Infrastructure Platform 2.5 Update 4 (2.5.0-1614)

This update provides stability and usability fixes. Vulnerability id: VSTOR-14144, VSTOR-20526 Blink button in the admin panel was not working in some cases. Vulnerability id: VSTOR-20197 Unable to create network bonds. Vulnerability id: VSTOR-20232 Disk replacement occasionally does not allow to...

1.8AI score
Exploits0
NVD
NVD
added 2018/12/18 1:29 a.m.19 views

CVE-2018-20197

There is a stack-based buffer underflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy...

7.8CVSS7.9AI score0.01317EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2018/12/18 1:29 a.m.30 views

CVE-2018-20197

There is a stack-based buffer underflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy...

7.8CVSS7.4AI score0.01317EPSS
Exploits1References2
OSV
OSV
added 2018/12/18 1:29 a.m.28 views

CVE-2018-20197

There is a stack-based buffer underflow in the third instance of the calculategain function in libfaad/sbrhfadj.c in Freeware Advanced Audio Decoder 2 FAAD2 2.8.8. A crafted input will lead to a denial of service or possibly unspecified other impact because limiting the additional noise energy...

7.8CVSS7.3AI score
Exploits0References5
Rows per page
Query Builder