98 matches found
glibc: potential use-after-free in gaih_inet()
A flaw has been identified in glibc. In an uncommon situation, the gaihinet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with...
glibc: potential use-after-free in gaih_inet()
A flaw has been identified in glibc. In an uncommon situation, the gaihinet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with...
DEBIAN-CVE-2023-4813
A flaw has been identified in glibc. In an uncommon situation, the gaihinet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with...
Oracle Solaris Critical Patch Update : apr2023_SRU11_4_46_119_2
This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris product of Oracle Systems component: NSSwitch. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with...
CVE-2023-21896
Vulnerability in the Oracle Solaris product of Oracle Systems component: NSSwitch. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...
CVE-2023-21896
Vulnerability in the Oracle Solaris product of Oracle Systems component: NSSwitch. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...
Design/Logic Flaw
Vulnerability in the Oracle Solaris product of Oracle Systems component: NSSwitch. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...
CVE-2023-21896
CVE-2023-21896 affects Oracle Solaris NSSwitch on Solaris 10 and 11. The vulnerability, described as difficult to exploit, allows a low-privileged attacker with logon to compromise Solaris and can lead to a full takeover. The CVSS v3.1 base score is 7.0 (Impact: Confidentiality, Integrity, Availa...
PT-2023-2541 · Oracle · Oracle Solaris
Name of the Vulnerable Software and Affected Versions: Oracle Solaris versions 10 and 11 Description: The issue is related to errors in handling input data in the NSSwitch component of Oracle Solaris, which can be exploited to compromise the system. A successful attack can result in the takeover ...
SUSE CVE-2019-14271
In Docker 19.03.x before 19.03.1 linked against the GNU C Library aka glibc, code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container...
The vulnerability of the NSSwitch component in Oracle Solaris operating systems allows a malicious individual to gain unauthorized access to read, modify, or delete data, or to cause service failures.
The vulnerability of the NSSwitch component in Oracle Solaris systems is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized read, modify, or delete access to data, or cause service failures through various network protocols...
CVE-2023-21900
Vulnerability in the Oracle Solaris product of Oracle Systems component: NSSwitch. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks...
CVE-2023-21900
Vulnerability in the Oracle Solaris product of Oracle Systems component: NSSwitch. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks...
Spoofing
Vulnerability in the Oracle Solaris product of Oracle Systems component: NSSwitch. Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle Solaris. Successful attacks...
CVE-2023-21900
CVE-2023-21900 affects the Oracle Solaris NSSwitch component on Solaris 10 and 11. The vulnerability allows a high-privilege attacker with network access via multiple protocols to compromise Solaris, with attacks requiring human interaction. Impacts include unauthorized updates/deletes to Solaris...
PT-2023-1250 · Oracle · Oracle Solaris
Name of the Vulnerable Software and Affected Versions: Oracle Solaris versions 10 through 11 Description: The issue is related to insufficient input validation in the NSSwitch component of Oracle Solaris. It allows a high-privileged attacker with network access via multiple protocols to compromis...
PT-2023-5341 · Glibc +9 · Glibc +9
Name of the Vulnerable Software and Affected Versions: glibc affected versions not specified Description: A flaw was found in glibc, where the gaih inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is...
SUSE: Security Advisory (SUSE-SU-2015:0353-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Exploit for Off-by-one Error in Sudo_Project Sudo
Título del Proyecto Generador de exploit para CVE-2021-3156 s...
openSUSE Security Update : ldb / samba (openSUSE-2020-1313)
"This update for ldb, samba fixes the following issues : Changes in samba : - Update to samba 4.11.11 + CVE-2020-10730: NULL de-reference in AD DC LDAP server when ASQ and VLV combined; bso14364 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...