GSD-2022-1004314 ipv6: Fix signed integer overflow in l2tp_ip6_sendmsg

ipv6: Fix signed integer overflow in l2tpip6sendmsg This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.18.6 by commit...

Global overflow in pppdump leads to RCE

Global overflow vulnerability in pppdump A global overflow vulnerability is present in the pppdump utility of the ppp repo which may lead to code execution. Specifically when the -p flag is given for enabling the pppmodeon the pppdump command, a malicious crafted pppdump file can trigger a global...

Debian DLA-2996-1 : mruby - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2996 advisory. Brief introduction CVE-2017-9527 Description CVE-2018-10191 Description CVE-2018-11743 Description CVE-2018-12249 Description CVE-2018-14337 Description...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2022-1645)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for expat (EulerOS-SA-2022-1425)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FIS GT.M Denial of Service Vulnerability (CNVD-2022-32798)

FIS GT.M is a database platform. A security vulnerability exists in versions of FIS GT.M prior to V7.0-000, which can be exploited by an attacker to cause a size variable stored as a signed integer to equal a very large value, which is interpreted as a negative value during a check. This value is...

CVE-2021-44493

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call...

CVE-2021-44493

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call...

CVE-2021-44499

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that...

Buffer overflow

An issue was discovered in FIS GT.M through V7.0-000 related to the YottaDB code base. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that...

Buffer overflow

An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call...

Debian DLA-2935-1 : expat - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2935 advisory. - Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. CVE-2022-23852 - xmltokimpl.c i...

Amazon Linux 2 : expat (ALAS-2022-1754)

The version of expat installed on the remote host is prior to 2.1.0-12. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1754 advisory. expat libexpat is susceptible to a software flaw that causes process interruption. When processing a large number of prefixed XML...

SUSE SLED15 / SLES15 Security Update : expat (SUSE-SU-2022:0498-1)

The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0498-1 advisory. - Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero...

SUSE-SU-2022:0498-1 Security update for expat

This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XMLGetBuffer bsc1195054. - CVE-2022-23990: Fixed integer overflow in the doProlog function bsc1195217...

OPENSUSE-SU-2022:0498-1 Security update for expat

This update for expat fixes the following issues: - CVE-2022-23852: Fixed signed integer overflow in XMLGetBuffer bsc1195054. - CVE-2022-23990: Fixed integer overflow in the doProlog function bsc1195217...

SUSE: Security Advisory (SUSE-SU-2022:14884-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated expat packages fix security vulnerability

Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. CVE-2022-23852 Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. CVE-2022-23990...

MGASA-2022-0048 Updated expat packages fix security vulnerability

Expat aka libexpat before 2.4.4 has a signed integer overflow in XMLGetBuffer, for configurations with a nonzero XMLCONTEXTBYTES. CVE-2022-23852 Expat aka libexpat before 2.4.4 has an integer overflow in the doProlog function. CVE-2022-23990...

Debian DLA-2904-1 : expat - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2904 advisory. - In Expat aka libexpat before 2.4.3, a left shift by 29 or more places in the storeAtts function in xmlparse.c can lead to realloc misbehavior e.g., allocating to...