Denial Of Service (DoS)

qemu is vulnerable to denial of service. The vulnerability exists due to a flaw that allows an attacker to trigger infinite recursion via a crafted mmindex value during an atimmread or atimmwrite call...

SUSE: Security Advisory (SUSE-SU-2021:3854-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:3854-1 Security update for poppler

This update for poppler fixes the following issues: - CVE-2017-18267: Fixed an infinite recursion that would allow remote attackers to cause a denial of service bsc1092945. - CVE-2018-13988: Added an improper implementation check which otherwise could allow buffer overflows, memory corruption, an...

Security update for poppler (important)

openSUSE Security Update: Security update for poppler Announcement ID: openSUSE-SU-2021:3854-1 Rating: important References: 1092945 1102531 1107597 1114966 1115185 1115186 1115187 1115626 1120495 1120496 1120939 1120956 1124150 1127329 1129202 1130229 1131696 1131722 1142465 1143950 1179163...

UniswapV2/SushiwapLPAdapter update the wrong token

Handle cmichel Vulnerability details The UniswapV2LPAdapter/SushiswapV2LPAdapter.update function retrieves the underlying from the LP token pair asset but then calls router.updateasset, proof which is the LP token itself again. This will end up with the router calling this function again...

NewStart CGSL MAIN 6.02 : binutils Multiple Vulnerabilities (NS-SA-2021-0122)

The remote NewStart CGSL host, running version MAIN 6.02, has binutils packages installed that are affected by multiple vulnerabilities: - findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32, allows remote attackers to cause a...

AZL-6762 CVE-2021-39257 affecting package ntfs-3g for versions less than 2021.8.22-1

A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain starting from ntfsattrpwrite, causing stack consumption in NTFS-3G 2021.8.22...

DEBIAN-CVE-2021-39257

A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain starting from ntfsattrpwrite, causing stack consumption in NTFS-3G 2021.8.22...

SUSE-SU-2021:2789-1 Security update for qemu

This update for qemu fixes the following issues: Security issues fixed: - usbredir: free call on invalid pointer in bufpalloc bsc1189145, CVE-2021-3682 - NULL pointer dereference in ESP bsc1180433, CVE-2020-35504 bsc1180434, CVE-2020-35505 bsc1180435, CVE-2020-35506 - NULL pointer dereference iss...

uBlock 安全漏洞

uBlock is an open source ad blocker. There is a security vulnerability in uBlock Origin that allows a carefully crafted website to cause a denial of service infinite recursion can trigger memory consumption and loss of all blocking functionality...

SUSE: Security Advisory (SUSE-SU-2021:2320-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2021:2320-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - Update to version 3.36.0 - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization bsc1173641 - CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated...

SUSE: Security Advisory (SUSE-SU-2018:0395-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:1321-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PYSEC-2021-519

TensorFlow is an end-to-end open source platform for machine learning. TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in infinite loop during evaluation. In certain cases, the infinite loop would be...

CVE-2021-29591

TensorFlow is an end-to-end open source platform for machine learning. TFlite graphs must not have loops between nodes. However, this condition was not checked and an attacker could craft models that would result in infinite loop during evaluation. In certain cases, the infinite loop would be...

EulerOS 2.0 SP3 : binutils (EulerOS-SA-2021-1767)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A Null Pointer Dereference vulnerability exists in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.34, in...

Denial Of Service (DoS)

qemu is vulnerable to denial of service DoS.A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU...

AZL-6829 CVE-2021-20255 affecting package qemu for versions less than 6.2.0-2

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the hos...

AZL-35149 CVE-2021-20255 affecting package qemu for versions less than 6.2.0-18

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the hos...