64 matches found
[SECURITY] Fedora 33 Update: createrepo_c-0.16.1-1.fc33
C implementation of Createrepo. A set of utilities createrepoc, mergerepoc, modifyrepoc for generating a common metadata repository from a directory of rpm packages and maintaining it...
[SECURITY] Fedora 32 Update: createrepo_c-0.16.1-2.fc32
C implementation of Createrepo. A set of utilities createrepoc, mergerepoc, modifyrepoc for generating a common metadata repository from a directory of rpm packages and maintaining it...
json-c: Multiple vulnerabilities
Background json-c is a JSON implementation in C. Description Multiple vulnerabilities have been discovered in json-c. Please review the CVE identifiers referenced below for details. Impact A remote/local attacker could send a specially crafted file possibly resulting in a Denial of Service...
EulerOS Virtualization for ARM 64 3.0.5.0 : libgcrypt (EulerOS-SA-2020-1085)
According to the versions of the libgcrypt package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected:...
CVE-2019-12408
It was discovered that the C++ implementation which underlies the R, Python and Ruby implementations of Apache Arrow 0.14.0 to 0.14.1 had a uninitialized memory bug when building arrays with null values in some cases. This can lead to uninitialized memory being unintentionally shared if Arrow...
ALPINE-CVE-2019-12904
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. The C implementation is used on platforms where an assembly-language implementation is unavailable. NOTE: the vendor's position is...
Design/Logic Flaw
DISPUTED In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. The C implementation is used on platforms where an assembly-language implementation is unavailable. NOTE: the vendor's...
CVE-2019-12904
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. The C implementation is used on platforms where an assembly-language implementation is unavailable. NOTE: the vendor's position is...
CVE-2019-12904
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. The C implementation is used on platforms where an assembly-language implementation is unavailable. NOTE: the vendor's position is...
Fedora Update for createrepo_c FEDORA-2019-1fccede810
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 29 Update: createrepo_c-0.12.1-1.fc29
C implementation of Createrepo. A set of utilities createrepoc, mergerepoc, modifyrepoc for generating a common metadata repository from a directory of rpm packages and maintaining it...
[SECURITY] Fedora 27 Update: libgit2-0.26.6-1.fc27
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...
[SECURITY] Fedora 28 Update: libgit2-0.26.6-1.fc28
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...
[SECURITY] Fedora 28 Update: mozjs52-52.7.2-1.fc28
SpiderMonkey is the code-name for Mozilla Firefox's C++ implementation of JavaScript. It is intended to be embedded in other applications that provide host environments for JavaScript...
[SECURITY] Fedora 28 Update: libgit2-0.26.3-1.fc28
libgit2 is a portable, pure C implementation of the Git core methods provided as a re-entrant linkable library with a solid API, allowing you to write native speed custom Git applications in any language with bindings...
Using the CTS for vulnerability detection and principles of analysis-vulnerability warning-the black bar safety net
360 Vulpecker team Membership 360 Information Security Department, committed to the Android application and the system-layer vulnerability discovery as well as other Android security research. We passed on the CTS frame of the research, the preparation of a vulnerability detection aspect of the...
Websockify (C Implementation) 0.8.0 - Buffer Overflow (PoC)
Websockify C Implementation 0.8.0 - Buffer Overflow PoC Advisory: Websockify: Remote Code Execution via Buffer Overflow RedTeam Pentesting discovered a buffer overflow vulnerability in the C implementation of Websockify, which allows attackers to execute arbitrary code. Details ======= Product:...
Websockify (C Implementation) 0.8.0 - Buffer Overflow (PoC)
Advisory: Websockify: Remote Code Execution via Buffer Overflow RedTeam Pentesting discovered a buffer overflow vulnerability in the C implementation of Websockify, which allows attackers to execute arbitrary code. Details ======= Product: Websockify C implementation Affected Versions: all versio...
EhTrace - Tool for Tracing Execution of Binaries on Windows
Eh'Trace pronounced ATrace is a binary tracing tool for Windows. Implemented in C but has some interesting properties that may make it suitable for tracing binaries when other methods are not sufficient, in particular EhTrace does not require changes to a binary to enable traces, despite being ab...
PYSEC-2015-35
Buffer overflow in the C implementation of the applydelta function in pack.c in Dulwich before 0.9.9 allows remote attackers to execute arbitrary code via a crafted pack file...