34 matches found
MiracleLinux 9 : vim-8.2.2637-20.el9 (AXSA:2023-5177:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5177:02 advisory. vim: no check if the return value of XChangeGC is NULL (CVE-2022-47024). Tenable has extracted the preceding description block directly from the MiracleLinux...
CVE-2024-47024
In vring_size of external/headers/include/virtio/virtio_ring.h, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Linux Distros Unpatched Vulnerability : CVE-2021-47024
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vsock/virtio: free queued packets when closing socket As reported by syzbot 1, there is a memory leak while closing the socket. We partially solved this issue...
Linux Distros Unpatched Vulnerability : CVE-2022-47024
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial of...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2815)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP9 : kernel (EulerOS-SA-2024-2815)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: vsock/virtio: free queued packets when closing socket (CVE-2021-47024); KVM: PPC: Fix kvm_arch_vcpu_ioctl vcpu_load leak (CVE-2021-47296); kernel:RDMA/cma:...
CVE-2024-47024
| creationtimestamp | type | source |
|---|---|---|
| 2024-10-25 13:44:11+00:00 | seen | https://t.me/cvedetector/8917... |
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2476)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2024-2002)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-47024
The CVE-2021-47024 issue is in the Linux kernel vsock/virtio path, where a memory leak occurs when closing a socket due to not draining the RX queue after the socket is definitively closed. The advisory notes partial remediation via ac03046ece2b, but the proper fix is to drain the RX queue before...
CVE-2023-47024
| creationtimestamp | type | source |
|---|---|---|
| 2024-01-20 03:31:46+00:00 | seen | https://t.me/ctinow/170508 |
| 2024-02-15 20:26:53+00:00 | seen | https://t.me/ctinow/185850... |
CVE-2023-47024
CVE-2023-47024 affects NCR Terminal Handler v1.5.1 and centers on CSRF, enabled by multiple vulnerabilities including an undisclosed function in the WSDL with weak security controls that can accept custom content types. This can allow a remote attacker to trigger a one‑click account takeover via ...
CVE-2023-47024
Cross-Site Request Forgery (CSRF) in NCR Terminal Handler v.1.5.1 leads to a one-click account takeover. This is achieved by exploiting multiple vulnerabilities, including an undisclosed function in the WSDL that has weak security controls and can accept custom content types...
USN-5963-1: Vim vulnerabilities | Cloud Foundry
Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 16.04, Canonical Ubuntu 18.04, Canonical Ubuntu 22.04. Description: It was discovered that Vim was not properly performing memory management operations. An attacker could possibly use this issue to cause a denial of service or...
vim security update
An update is available for vim. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Vim (Vi IMproved) is an updated and improved version of the vi editor. Security...
Rocky Linux 9 : vim (RLSA-2023:0958)
The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:0958 advisory. - A null pointer dereference issue was discovered in function gui_x11_create_blank_mouse in gui_x11.c in vim 8.1.2269 thru 9.0.0339 allows attackers to cause denial o...
Important: vim
Issue Overview: A heap buffer overflow vulnerability was found in vim's ins_compl_infercase_gettext function of the src/insexpand.c file. This flaw occurs when vim tries to access uninitialized memory when completing a long line. This flaw allows an attacker to trick a user into opening a specially...
Mageia: Security Advisory (MGASA-2023-0075)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-5963-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2 : vim (ALAS-2023-1975)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-1975 advisory. A heap buffer overflow vulnerability was found in vim's ins_compl_infercase_gettext function of the src/insexpand.c file. This flaw occurs when vim tries to access uninitialized memory when completi...