SUSE: Security Advisory (SUSE-SU-2021:0987-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:3375-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0096-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2541-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:1204-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.9.1 : edk2 (EulerOS-SA-2021-1736)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Integer overflow in DxeImageVerificationHandler EDK II may allow an authenticated user to potentially enable denial of service via...

EulerOS Virtualization 2.9.0 : edk2 (EulerOS-SA-2021-1764)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Integer overflow in DxeImageVerificationHandler EDK II may allow an authenticated user to potentially enable denial of service via...

Uncontrolled Recursion

Overview std/archive/zip is a Go standard library package std/archive/zip Affected versions of this package are vulnerable to Uncontrolled Recursion. Go Vulnerability Report: via the Reader.Open function when processing an archive containing a file with a path prefixed by "../". An attacker can...

Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2021-1736)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2021-1764)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

qemu is vulnerable to denial of service DoS.A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU...

openSUSE Security Update : ovmf (openSUSE-2021-495)

This update for ovmf fixes the following issues : - CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo bsc1183578 - CVE-2021-28210: ovmf: unlimited FV recursion, round 2 bsc1183579 This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable...

OPENSUSE-SU-2021:0495-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo bsc1183578 - CVE-2021-28210: ovmf: unlimited FV recursion, round 2 bsc1183579 This update was imported from the SUSE:SLE-15-SP2:Update update project...

Security update for ovmf (moderate)

openSUSE Security Update: Security update for ovmf Announcement ID: openSUSE-SU-2021:0495-1 Rating: moderate References: 1183578 1183579 Cross-References: CVE-2021-28210 CVE-2021-28211 CVSS scores: CVE-2021-28210 SUSE: 5.1 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H CVE-2021-28211 SUSE: 4.4...

SUSE-SU-2021:0987-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo bsc1183578 - CVE-2021-28210: ovmf: unlimited FV recursion, round 2 bsc1183579...

SUSE ovmf 安全漏洞

SUSE ovmf is a firmware from SUSE Germany. It is used to support virtual machines for UEFI. A security vulnerability exists in SUSE ovmf that stems from unrestricted FV recursion...

SUSE SLES15 Security Update : ovmf (SUSE-SU-2021:0972-1)

This update for ovmf fixes the following issues : CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo bsc1183578 CVE-2021-28210: ovmf: unlimited FV recursion, round 2 bsc1183579 Note that Tenable Network Security has extracted the preceding description block direct...

SUSE-SU-2021:0972-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo bsc1183578 - CVE-2021-28210: ovmf: unlimited FV recursion, round 2 bsc1183579...

EulerOS 2.0 SP5 : curl (EulerOS-SA-2021-1672)

According to the version of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.CVE-2020-8285...

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-1685)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...