397 matches found
UBUNTU-CVE-2023-52582
In the Linux kernel, the following vulnerability has been resolved: netfs: Only call folio_start_fscache one time for each folio. If a network filesystem using netfs implements a clamp_length function, it can set subrequest lengths smaller than a page size. When we loop through the folios in...
PT-2024-40651 · Spvtools · Spvtools
Name of the Vulnerable Software and Affected Versions: spvtools affected versions not specified Description: The issue is related to a crash in the spvtools library, specifically in the ValidateAccessChain function within the val module. The crash occurs due to an unknown read error. Technical...
CLSA-2024-1707420277 Fix CVE(s): CVE-2023-46589
SECURITY UPDATE: Incorrect parsing of HTTP trailer headers - debian/patches/CVE-2023-46589.patch: Ensure IOException on request read always triggers error handling - CVE-2023-46589 Internal tests: - debian/patches/0100-stop-testing-if-a-failure-occurs.patch: Stop testing if a failure occurs -...
EulerOS 2.0 SP5 : libX11 (EulerOS-SA-2024-1150)
According to the versions of the libX11 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libX11 due to a boundary condition within the XkbReadKeySyms function. This flaw allows a local user to trigger an...
EulerOS 2.0 SP5 : libXpm (EulerOS-SA-2024-1151)
According to the versions of the libXpm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer function. This flaw allows a local attack...
EulerOS 2.0 SP10 : libX11 (EulerOS-SA-2024-1089)
According to the versions of the libX11 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libX11 due to a boundary condition within the XkbReadKeySyms function. This flaw allows a local user to trigger an...
EulerOS 2.0 SP11 : libX11 (EulerOS-SA-2023-3277)
According to the versions of the libX11 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libX11 due to a boundary condition within the XkbReadKeySyms function. This flaw allows a local user to trigger an...
EulerOS 2.0 SP11 : libXpm (EulerOS-SA-2023-3251)
According to the versions of the libXpm package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer function. This flaw allows a local attacke...
EulerOS 2.0 SP10 : libX11 (EulerOS-SA-2024-1065)
According to the versions of the libX11 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libX11 due to a boundary condition within the XkbReadKeySyms function. This flaw allows a local user to trigger an...
EulerOS 2.0 SP9 : libX11 (EulerOS-SA-2023-3342)
According to the versions of the libX11 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libX11 due to a boundary condition within the XkbReadKeySyms function. This flaw allows a local user to trigger an...
EulerOS 2.0 SP9 : libX11 (EulerOS-SA-2023-3310)
According to the versions of the libX11 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libX11 due to a boundary condition within the XkbReadKeySyms function. This flaw allows a local user to trigger an...
EulerOS Virtualization 2.9.1 : libX11 (EulerOS-SA-2024-1041)
According to the versions of the libX11 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libX11 due to a boundary condition within the XkbReadKeySyms function. This flaw allows a local user ...
PT-2023-35680 · Git +1 · Libavc
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read error. Technical details about the crash include the functions ih264d_get_bits_h264, ih264d_parse_fgc...
OESA-2023-1988 hdf5 security update
HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...
Amazon Linux AMI : libXpm (ALAS-2023-1894)
The version of libXpm installed on the remote host is prior to 3.5.10-2.13. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1894 advisory. libXpm: out of bounds read in XpmCreateXpmImageFromBuffer NOTE: https://www.openwall.com/lists/oss-security/2023/10/03/1 NOTE: Fix...
Fedora 37 : motif (2023-25329c196b)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-25329c196b advisory. Security fix for CVE-2023-43788 and CVE-2023-43789 Tenable has extracted the preceding description block directly from the Fedora security advisory...
Fedora 39 : motif (2023-e1c7fae02e)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-e1c7fae02e advisory. Security fix for CVE-2023-43788 and CVE-2023-43789 Tenable has extracted the preceding description block directly from the Fedora security advisory...
PT-2023-35617 · Git +1 · Opensc
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read error. Technical details about the crash include the functions asn1_decode_entry, asn1_decode, and s...
CVE-2023-20240
Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Clie...
PT-2023-35594 · Git +1 · Pcapplusplus
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a heap-buffer-overflow read error. Technical details about the crash include the involvement of pcpp::SomeIpSdLayer::SomeIpSdLaye...