Fedora: Security Advisory for ghc-hakyll (FEDORA-2022-1f981071eb)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Amazon Corretto Java 11.x < 11.0.5.10.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 11 11.0.5.10.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2019-Oct-15 advisory. - security-libs/javax.net.ssl CVE-2019-2894, CVE-2019-2949 - core-libs CVE-2019-2933 -...

Amazon Corretto Java 17.x < 17.0.2.8.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 17 17.0.2.8.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2022-Jan-18 advisory. - core-libs/java.io:serialization CVE-2022-21248, CVE-2022-21341 - client-libs/javax.imageio...

GNU GCC 资源管理错误漏洞

Gcc is a collection of Gnu compilers. It is mainly used to compile the C and C++ languages. A security vulnerability exists in GNU GCC 11.2, which stems from a stack overflow in nm-new that can be triggered by an attacker via a crafted elf file...

Fedora: Security Advisory for gcc (FEDORA-2022-42ea499a7d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:0934-1 Security update for binutils

This update for binutils fixes the following issues: - For compatibility on old code stream that expect 'brcl 0,label' to not be disassembled as 'jgnop label' on s390x. bsc1192267 This reverts IBM zSeries HLASM support for now. - Fixed that ppc64 optflags did not enable LTO bsc1188941. - Fix empt...

Exploit for Improper Initialization in Linux Linux_Kernel

pwncatdirtypipe !asciicasthttps://asciinema.org/a/UGXf1HI...

[SECURITY] Fedora 36 Update: gcc-12.0.1-0.12.fc36

The gcc package contains the GNU Compiler Collection version 12. You'll need this package in order to compile C code...

[SECURITY] Fedora 36 Update: annobin-10.57-3.fc36

This package contains the tools needed to annotate binary files created by compilers, and also the tools needed to examine those annotations. One of the tools is a plugin for GCC that records information about the security options that were in effect when the binary was compiled. Note - the plugi...

SUSE-SU-2022:0843-1 Security update for rust, rust1.58, rust1.59

This update for rust, rust1.58, rust1.59 fixes the following issues: This update provides both rust1.58 and rust1.59. Changes in rust1.58: - Add recommends for GCC for installs to be able to link. - Add suggests for lld/clang which are faster than gcc for linking to allow users choice on what the...

Security update for rust, rust1.58, rust1.59 (moderate)

openSUSE Security Update: Security update for rust, rust1.58, rust1.59 Announcement ID: openSUSE-SU-2022:0843-1 Rating: moderate References: 1194767 Cross-References: CVE-2022-21658 CVSS scores: CVE-2022-21658 NVD : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H CVE-2022-21658 SUSE: 6.2...

Updated golang packages fix security vulnerability

Overflow in Rat.SetString in math/big can lead to uncontrolled memory consumption CVE-2022-23772 Incorrect access control in cmd/go CVE-2022-23773 Incorrect returned value in crypto/elliptic IsOnCurve CVE-2022-23806 The following non-security bugs were fixed: - go50978 crypto/elliptic: IsOnCurve...

OPENSUSE-SU-2022:0723-1 Security update for go1.17

This update for go1.17 fixes the following issues: - CVE-2022-23806: Fixed incorrect returned value in crypto/elliptic IsOnCurve bsc1195838. - CVE-2022-23772: Fixed overflow in Rat.SetString in math/big can lead to uncontrolled memory consumption bsc1195835. - CVE-2022-23773: Fixed incorrect acce...

Firefox MCallGetProperty Write Side Effects Use-After-Free Exploit

This Metasploit modules exploits CVE-2020-26950, a use-after-free exploit in Firefox. The MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This exploit uses a somewhat novel technique of spraying ArgumentsData structures in order ...

EulerOS 2.0 SP9 : libsepol (EulerOS-SA-2022-1309)

According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper...

Huawei EulerOS: Security Advisory for libsepol (EulerOS-SA-2022-1273)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Firefox MCallGetProperty Write Side Effects Use After Free Exploit

This modules exploits CVE-2020-26950, a use after free exploit in Firefox. The MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This exploit uses a somewhat novel technique of spraying ArgumentsData structures in order to construc...

EulerOS 2.0 SP5 : libsepol (EulerOS-SA-2022-1273)

According to the versions of the libsepol packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper...

EulerOS 2.0 SP10 : libsepol (EulerOS-SA-2022-1245)

According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper...

EulerOS 2.0 SP10 : libsepol (EulerOS-SA-2022-1257)

According to the versions of the libsepol package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The CIL compiler in SELinux 3.2 has a use-after-free in cilverifyclassperms called from cilverifyclasspermission and cilpreverifyhelper...