169 matches found
CVE-2014-4607
CVE-2014-4607 affects Oberhumer liblzo2 and lzo-2 up to version 2.07 on 32-bit platforms. The vulnerability arises from an integer overflow in the lzo1x_decompress_safe function when handling any variant of a Literal Run, which could lead to memory corruption and potentially remote code execution...
CVE-2014-4607
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run...
Huawei EulerOS: Security Advisory for dump (EulerOS-SA-2019-2139)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for dump (EulerOS-SA-2019-2029)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2627)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libxslt (EulerOS-SA-2019-2519)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-4607-1 : openconnect - security update
Lukas Kupczyk reported a vulnerability in the handling of chunked HTTP in openconnect, an open client for Cisco AnyConnect, Pulse and GlobalProtect VPN. A malicious HTTP server after having accepted its identity certificate, can provide bogus chunk lengths for chunked HTTP encoding and cause a...
EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2019-2627)
According to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The xsltStylePreCompute function in preproc.c in libxslt 1.1.28 does not check if the parent node is an element, which allows attackers to caus...
Security Bulletin: IBM InfoSphere Information Governance Catalog is affected by a privilege escalation vulnerability
Summary A privilege escalation vulnerability was addressed in InfoSphere Information Governance Catalog. Vulnerability Details CVEID: CVE-2019-4607 DESCRIPTION: IBM InfoSphere Information Governance Catalog could allow an authorized user to access details of both governance and information assets...
EulerOS 2.0 SP3 : grub2 (EulerOS-SA-2019-2011)
According to the version of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could...
EulerOS 2.0 SP3 : dump (EulerOS-SA-2019-2029)
According to the version of the dump package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could creat...
EulerOS 2.0 SP2 : dump (EulerOS-SA-2019-1740)
According to the version of the dump package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could creat...
EulerOS 2.0 SP2 : grub2 (EulerOS-SA-2019-1735)
According to the version of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could...
Fedora 30 : mingw-libxslt (2019-320d5295fc)
Update to 1.1.33 Fix CVE-2016-1841, CVE-2016-4607, CVE-2016-4608, CVE-2016-4610, CVE-2016-4609, CVE-2019-11068, CVE-2016-1684, CVE-2016-1683, CVE-2016-4738. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has...
Security Bulletin: A busybox vulnerability affects IBM DataPower Gateways (CVE-2014-4607)
Summary A buffer overflow vulnerability affects IBM DataPower Gateways. IBM DataPower Gateways has addressed the applicable CVE Vulnerability Details CVEID: CVE-2014-4607 DESCRIPTION: Oberhumer LZO could allow a remote attacker to execute arbitrary code on the system, caused by an integer overflo...
CVE-2017-4607
CVE-2017-4607 is rejected/not used per the Initial Description.
CVE-2017-4607
...
Debian: Security Advisory (DLA-826-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
About the security content of iTunes 12.4.2 for Windows - Apple Support
About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page. For more information about security, se...
SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2017:1442-1)
Wireshark was updated to version 2.2.6, which brings several new features, enhancements and bug fixes. Thses security issues were fixed : - CVE-2017-7700: In Wireshark the NetScaler file parser could go into an infinite loop, triggered by a malformed capture file. This was addressed in...