golang: encoding/xml: stack exhaustion in Decoder.Skip
A flaw was found in golang encoding/xml. When calling Decoder.Skip while parsing a deeply nested XML document, a panic can occur due to stack exhaustion, allowing an attacker to impact system availability...
golang: go/parser: stack exhaustion in all Parse* functions
A flaw was found in the golang standard library, go/parser. When calling any of the Parse functions on Go source code that contains deeply nested types or declarations, a panic can occur due to stack exhaustion. This issue allows an attacker to impact system availability...
kernel: memory leak for large arguments in video_usercopy function in drivers/media/v4l2-core/v4l2-ioctl.c
A memory leak flaw was found in the Linux kernel webcam device functionality, in the way a user calls an ioctl that triggers the video_usercopy function. The highest threat from this vulnerability is to system availability...
The vulnerability of the Google Chrome browser’s extension allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the Google Chrome browser’s “Feedback” extension relates to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
Amazon Linux 2022 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2022-2022-164)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-164 advisory. A divide-by-zero flaw was found in ImageMagick in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a divisio...
Oracle Linux 9 : python3.9 (ELSA-2022-7323)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-7323 advisory. - Security fix for CVE-2020-10735 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has n...
AlmaLinux 9 : python3.9 (ALSA-2022:7323)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:7323 advisory. - A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int...
CVE-2022-27586
Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version = 2.0.0 as soon as possible available in SICK Support Portal...
GLSA-202210-31 : OpenEXR: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202210-31 OpenEXR: Multiple Vulnerabilities - A flaw was found in OpenEXR's hufDecode functionality. This flaw allows an attacker who can pass a crafted file to be processed by OpenEXR, to trigger an undefined right shift error. T...
KLA20196 DoS vulnerability in Opera
Type confusion vulnerability was found in Opera. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Opera 92.0.4561.33 Stable update Related products Opera CVE list CVE-2022-3723 critical Solution Update to the latest version Download Opera Impacts DoS...
SUSE SLES12 Security Update : openjpeg2 (SUSE-SU-2022:3801-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3801-1 advisory. - OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c. CVE-2018-21010 - A flaw was found...
SUSE SLED15 / SLES15 Security Update : openjpeg2 (SUSE-SU-2022:3802-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3802-1 advisory. - Out-of-bounds accesses in the functions pi_next_lrcp, pi_next_rlcp, pi_next_rpcl, pi_next_pcrl, pi_next_rpcl, and...
SUSE SLED15 / SLES15 Security Update : buildah (SUSE-SU-2022:3766-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3766-1 advisory. - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick ...
Important: golang-github-gorilla-context
Issue Overview: 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling,...
Important: golang-github-syndtr-gocapability
Issue Overview: 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating "chunked" encoding. This issue could allow request smuggling,...
Linux Kernel code issue vulnerability
The Linux Kernel is the kernel used by the Linux Foundation's open source operating system Linux, which is vulnerable. A local attacker could exploit this vulnerability to cause a system crash, which could affect system availability...
CVE-2022-41582
The security module has configuration defects. Successful exploitation of this vulnerability may affect system availability...