48 matches found
Oracle Linux 7 : coredns / cri-o / cri-tools / etcd / flannel / kata / kata-agent / kata-image / kata-ksm-throttler / kata-proxy / kata-runtime / kata-shim / kubernetes / kubernetes-cni / kubernetes-cni-plugins / kubernetes-dashboard / olcne / yq (ELSA-2020-5828)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5828 advisory. - Address CVE-2020-16845 - Address CVE-2020-16845 cri-tools - Address CVE-2020-16845 etcd - Address CVE-2020-16845 - Address CVE-2020-16845 - Address...
EulerOS 2.0 SP8 : golang (EulerOS-SA-2020-1852)
According to the version of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid...
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
...
Denial Of Service (DoS)
github.com/golang/go is vulnerable to denial of service. An infinite read loop in ReadUvarint and ReadVarint allows an attacker to create a denial of service condition via malicious input...
Google Go Denial of Service Vulnerability (CNVD-2020-46848)
Google Go is a static strongly typed, compiled, concatenated, and garbage-collected programming language from Google. A security vulnerability exists in Google Go versions prior to 1.13.15 and 14.x prior to 1.14.7. An attacker can exploit the vulnerability with invalid input to cause an infinite...
AZL-79098 CVE-2020-16845 affecting package golang 1.25.7-1
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
UBUNTU-CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
CVE-2020-16845
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs...
EulerOS Virtualization 2.5.3 : tar (EulerOS-SA-2019-1262)
According to the version of the tar package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of...
GNU tar has been updated to fix CVE-2018-20482
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service infinite read loop in sparsedumpregion in sparse.c by modifying a file that is supposed to be archived by a different user's process e.g., a system back...
GNU tar Denial of Service Vulnerability
GNU Tar is a set of tools developed by the GNU Project for creating files in tar format. A security vulnerability exists in GNU Tar versions 1.30 and earlier, which stems from the program's failure to properly handle file shrinking. A local attacker can exploit this vulnerability by modifying the...
UBUNTU-CVE-2018-20482
GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service infinite read loop in sparsedumpregion in sparse.c by modifying a file that is supposed to be archived by a different user's process e.g., a system back...
PT-2018-11059 · Sangoma · Asterisk Open Source
Name of the Vulnerable Software and Affected Versions: Asterisk Open Source versions 15.x before 15.4.1 Description: An issue was discovered in Asterisk Open Source. When connected to Asterisk via TCP/TLS, if the client abruptly disconnects, or sends a specially crafted message, then Asterisk get...
openSUSE Security Update : freeradius-server (openSUSE-2017-1192)
This update for freeradius-server fixes the following issues : Fix a number of security issues found via fuzzing by Guido Vranken See http://freeradius.org/security/fuzzer-2017.html for details. boo1049086 - CVE-2017-10987 / FR-GV-304: DHCP - Buffer over-read in frdhcpdecodesuboptions -...
Oracle Linux 7 : freeradius (ELSA-2017-2389)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2389 advisory. - Related: Bug1469414 CVE-2017-10984 freeradius: Out-of-bounds write in data2vpwimax - Resolves: Bug1469409 CVE-2017-10978 freeradius: Out-of-bounds...