3118 matches found
EulerOS 2.0 SP10 : samba (EulerOS-SA-2023-1399)
According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. The DES and...
EulerOS 2.0 SP8 : krb5 (EulerOS-SA-2023-1321)
According to the versions of the krb5 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - PAC parsing in MIT Kerberos 5 (aka krb5) before 1.19.4 and 1.20.x before 1.20.1 has integer overflows that may lead to remote code execution in KDC,...
AlmaLinux 9 : git (ALSA-2023:0611)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0611 advisory. - Git is a distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by...
Amazon Linux AMI : krb5-devel, krb5-libs, krb5-pkinit-openssl (ALAS-2023-1680)
It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1680 advisory. Integer overflow vulnerabilities in PAC parsing (CVE-2022-42898). Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for...
SUSE SLES15: krb5 / krb5-32bit / krb5-client / krb5-devel / krb5-plugin-kdb-ldap / etc (SUSE-SU-2023:0198-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0198-1 advisory. - CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126). Tenable has extracted the preceding description block directly from the...
CLSA-2023-1674816097 grub2: Fix of 2 CVEs
font: Reject glyphs exceeds font->max_glyph_width or font->max_glyph_height - font: Fix size overflow in grub_font_get_glyph_internal() - CVE-2022-2601: font: Fix several integer overflows in grub_font_construct_glyph() - CVE-2022-3775: font: Fix an integer underflow in blit_comb()...
Debian dla-3282 : git - security update
The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3282 advisory. - Debian LTS Advisory DLA-3282-1...
Amazon Linux 2 : krb5 (ALAS-2023-1915)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-1915 advisory. Integer overflow vulnerabilities in PAC parsing (CVE-2022-42898). Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for...
Amazon Linux AMI : krb5 (ALAS-2023-1667)
It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1667 advisory. Integer overflow vulnerabilities in PAC parsing (CVE-2022-42898). Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Nessus has not tested for...
Moderate: Red Hat Security Advisory: libxml2 security update
An update for libxml2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
libxml2 security update
An update is available for libxml2. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The libxml2 library is a development toolbox providing the implementation of...
RLSA-2023:0338 Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows with XML_PARSE_HUGE (CVE-2022-40303); libxml2: dict corruption caused by entity reference cycles (CVE-2022-40304). For more details about the security issues,...
ALSA-2023:0338 Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows with XML_PARSE_HUGE (CVE-2022-40303); libxml2: dict corruption caused by entity reference cycles (CVE-2022-40304). For more details about the security issues,...
Moderate: libxml2 security update
The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml2: integer overflows with XML_PARSE_HUGE (CVE-2022-40303); libxml2: dict corruption caused by entity reference cycles (CVE-2022-40304). For more details about the security issues,...
Security Bulletin: IBM Cloud Pak for Security includes components with multiple known vulnerabilities
Summary: IBM Cloud Pak for Security includes components with known vulnerabilities. These have been updated in the latest release and vulnerabilities have been addressed. Please follow the instructions in the Remediation/Fixes section below to update to the latest version of Cloud Pak for Security...
Integer overflow
Git is a distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a .gitattributes file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this...
CVE-2022-23521
Git is a distributed revision control system. gitattributes are a mechanism to allow defining attributes for paths. These attributes can be defined by adding a .gitattributes file to the repository, which contains a set of file patterns and the attributes that should be set for paths matching this...
GSD-2023-1001056 fs/ntfs3: Harden against integer overflows
fs/ntfs3: Harden against integer overflows This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...
GSD-2023-1000640 fs/ntfs3: Harden against integer overflows
fs/ntfs3: Harden against integer overflows This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Git vulnerabilities (USN-5810-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5810-1 advisory. Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use...