769 matches found
EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2024-2534)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can resu...
EulerOS 2.0 SP12 : libxml2 (EulerOS-SA-2024-2510)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can resu...
Fortinet FortiAnalyzer Format String Error Vulnerability
Fortinet FortiAnalyzer is a centralized network security reporting solution from Fortinet, Inc. The product is mainly used to collect network log data and analyze, report, and archive operations on security events, network traffic, Web content, etc. in the logs through the reporting suite. A...
EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2024-2447)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can resu...
EulerOS 2.0 SP9 : libxml2 (EulerOS-SA-2024-2399)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can resu...
Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2024-2374)
The remote host is missing an update for the Huawei EulerOS...
AZL-49187 CVE-2024-45026 affecting package kernel for versions less than 5.15.167.1-1
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error recovery leading to data corruption on ESE devices. Extent Space Efficient (ESE) or thin provisioned volumes need to be formatted on demand during usual IO processing. The dasd_ese_needs_format function checks for...
DEBIAN-CVE-2024-45026
In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error recovery leading to data corruption on ESE devices. Extent Space Efficient (ESE) or thin provisioned volumes need to be formatted on demand during usual IO processing. The dasd_ese_needs_format function checks for...
389 Directory Server Security Vulnerability
389 Directory Server is a highly available, full-featured, reliable and secure open-source LDAP server implementation. A security vulnerability exists in 389 Directory Server that stems from a potential server crash when userPassword is modified using incorrectly...
EulerOS Virtualization 2.11.1 : libxml2 (EulerOS-SA-2024-2158)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint...
EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2024-2105)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can resu...
EulerOS 2.0 SP11 : libxml2 (EulerOS-SA-2024-2088)
According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in xmllint from libxml2 before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can resu...
A vulnerability in the Go-getter library of the Nomad orchestrator application, related to improper handling of argument separators in commands, allows a malicious actor to format the Git URL and thereby inject additional Git arguments into the Git command.
The vulnerability in the Go-getter library of the Nomad orchestrator application relates to the improper elimination of argument separators in commands. Exploiting this vulnerability allows a malicious actor to format the Git URL remotely, thereby introducing additional Git arguments during the Git...
CVE-2024-6961
CVE-2024-6961 describes an XML External Entity (XXE) vulnerability in Guardrails AI when consuming RAIL documents from external sources, potentially allowing leakage of internal file data via the SYSTEM entity. The affected component is Guardrails AI and its RAIL document handling; the underlying...
Artifex Ghostscript Formatting String Error Vulnerability
Artifex Ghostscript is a free software package from Artifex, Inc. based on the Adobe PostScript and Portable Document Format (PDF) page description languages. A security vulnerability exists in Artifex Ghostscript prior to version 10.03.1 that exploits a memory corruption and SAFER sandbox bypass that...
ROS-20240702-03
A vulnerability in the libxml2 library's xmllint.c file is related to the formatting of error messages with xmllint --htmlout. Exploiting the vulnerability could allow an attacker to cause a denial of service...
SUSE CVE-2024-38576
In the Linux kernel, the following vulnerability has been resolved: rcu: Fix buffer overflow in print_cpu_stall_info(). The rcuc-starvation output from print_cpu_stall_info() might overflow the buffer if there is a huge difference in jiffies difference. The situation might seem improbable, but computers...
Actiontec Electronics WEB6000Q Formatting String Error Vulnerability
The Actiontec Electronics WEB6000Q is a wireless extender from Actiontec Electronics, Inc. The Actiontec Electronics WEB6000Q suffers from a Formatting String Error vulnerability. An attacker could exploit this vulnerability to execute code in an HTTP server environment...
UBUNTU-CVE-2024-37795
A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT-LIB input file containing the set-logic command with specific formatting errors...
CVE-2024-37795
A segmentation fault in CVC5 Solver v1.1.3 allows attackers to cause a Denial of Service (DoS) via a crafted SMT-LIB input file containing the set-logic command with specific formatting errors...