Lucene search

5226 matches found

OSV
added 2021/03/16 12:0 a.m., 0 views

UBUNTU-CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

7.8 CVSS, 6.4 AI score, 0.00118 EPSS
Exploits 1, References 5
RedhatCVE
added 2021/03/15 6:58 p.m., 37 views

CVE-2021-28210

A flaw was found in edk2. An unlimited recursion in DxeCore may allow an attacker to corrupt the system memory. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

7.8 CVSS, 6.3 AI score, 0.00118 EPSS
Exploits 1, References 3
OpenVAS
added 2021/03/12 12:0 a.m., 10 views

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-1641)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS, 7.8 AI score, 0.00955 EPSS
Exploits 0, References 2
OpenVAS
added 2021/03/12 12:0 a.m., 20 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-1645)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS, 7.9 AI score, 0.00742 EPSS
Exploits 2, References 2
OpenVAS
added 2021/03/12 12:0 a.m., 18 views

Huawei EulerOS: Security Advisory for krb5 (EulerOS-SA-2021-1605)

The remote host is missing an update for the Huawei EulerOS...

7.5 CVSS, 7.8 AI score, 0.00955 EPSS
Exploits 0, References 2
Prion
added 2021/03/11 1:15 a.m., 15 views

Deserialization of untrusted data

The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. This issue affected HHVM prior to v4.32.3, between versions 4.33.0 and 4.56.0, 4.57.0, 4.58.0, 4.58....

5 CVSS, 7.4 AI score, 0.00835 EPSS
Exploits 0, References 2, Affected Software 1
Tenable Nessus
added 2021/03/11 12:0 a.m., 30 views

EulerOS Virtualization 2.9.0 : curl (EulerOS-SA-2021-1645)

According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match...

7.5 CVSS, 6.8 AI score, 0.00742 EPSS
Exploits 2, References 3
Tenable Nessus
added 2021/03/11 12:0 a.m., 26 views

EulerOS Virtualization 2.9.0 : krb5 (EulerOS-SA-2021-1641)

According to the version of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message becaus...

7.5 CVSS, 7.5 AI score, 0.00955 EPSS
Exploits 0, References 2
Tenable Nessus
added 2021/03/10 12:0 a.m., 246 views

NewStart CGSL MAIN 4.06 : bind Multiple Vulnerabilities (NS-SA-2021-0003)

The remote NewStart CGSL host, running version MAIN 4.06, has bind packages installed that are affected by multiple vulnerabilities: - Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows or successfully guesses th...

8.6 CVSS, 6.8 AI score, 0.92629 EPSS
Exploits 6, References 4
Tenable Nessus
added 2021/03/10 12:0 a.m., 36 views

EulerOS Virtualization 3.0.2.6 : curl (EulerOS-SA-2021-1410)

According to the version of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match...

7.5 CVSS, 6.8 AI score, 0.00742 EPSS
Exploits 1, References 2
Tenable Nessus
added 2021/03/10 12:0 a.m., 28 views

NewStart CGSL MAIN 6.02 : libcroco Vulnerability (NS-SA-2021-0056)

The remote NewStart CGSL host, running version MAIN 6.02, has libcroco packages installed that are affected by a vulnerability: - libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption. CVE-2020-12825 Note that Nessus has not tested fo...

7.1 CVSS, 6.6 AI score, 0.04749 EPSS
Exploits 1, References 2
Tenable Nessus
added 2021/03/10 12:0 a.m., 32 views

EulerOS Virtualization 3.0.6.6 : krb5 (EulerOS-SA-2021-1487)

According to the version of the krb5 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message becaus...

7.5 CVSS, 7.5 AI score, 0.00955 EPSS
Exploits 0, References 2
Tenable Nessus
added 2021/03/10 12:0 a.m., 210 views

EulerOS Virtualization for ARM 64 3.0.2.0 : krb5 (EulerOS-SA-2021-1403)

According to the versions of the krb5 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Kerberos is a network authentication system. The krb5-server package contains the programs that must be installed on a...

7.5 CVSS, 7.1 AI score, 0.00955 EPSS
Exploits 0, References 3
Tenable Nessus
added 2021/03/10 12:0 a.m., 28 views

EulerOS Virtualization 3.0.2.6 : krb5 (EulerOS-SA-2021-1414)

According to the version of the krb5 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because...

7.5 CVSS, 7.5 AI score, 0.00955 EPSS
Exploits 0, References 2
Tenable Nessus
added 2021/03/10 12:0 a.m., 16 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : libcroco Vulnerability (NS-SA-2021-0021)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libcroco packages installed that are affected by a vulnerability: - libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption. CVE-2020-12825 Note that Nessus has n...

7.1 CVSS, 6.6 AI score, 0.04749 EPSS
Exploits 1, References 2
OSV
added 2021/03/09 8:15 p.m., 2 views

AZL-35149 CVE-2021-20255 affecting package qemu for versions less than 6.2.0-18

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the hos...

5.5 CVSS, 6.5 AI score, 0.00228 EPSS
Exploits 0, References 1
OSV
added 2021/03/09 8:15 p.m., 1 views

AZL-6829 CVE-2021-20255 affecting package qemu for versions less than 6.2.0-2

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the hos...

5.5 CVSS, 6.5 AI score, 0.00228 EPSS
Exploits 0, References 1
OSV
added 2021/03/09 8:15 p.m., 0 views

UBUNTU-CVE-2021-20255

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the hos...

5.5 CVSS, 7.3 AI score, 0.00228 EPSS
Exploits 0, References 5
Prion
added 2021/03/09 8:15 p.m., 25 views

Stack overflow

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the hos...

2.1 CVSS, 5.3 AI score, 0.00228 EPSS
Exploits 0, References 5, Affected Software 1
Debian CVE
added 2021/03/09 7:14 p.m., 28 views

CVE-2021-20255

A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the hos...

5.5 CVSS, 5.8 AI score, 0.00228 EPSS
Exploits 0