A flaw was found in grub2 in versions prior to 2.06. The option parser allows an attacker to write past the end of a heap-allocated buffer by calling certain commands with a large number of specific short forms of options. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
PT-2021-6079 · Rpm +8
Name of the Vulnerable Software and Affected Versions: RPM (affected versions not specified). Description: The issue is related to insufficient authentication of data in the RPM software's signature check functionality. This allows an attacker to potentially corrupt the RPM database and execute code...
CVE-2021-20265
A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system...
UBUNTU-CVE-2021-20265
A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system...
Design/Logic Flaw
A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system...
CVE-2021-20265
CVE-2021-20265 affects the Linux kernel: a memory-leak/DoS bug in unix_stream_recvmsg when a signal is pending can exhaust memory locally. Connected docs reference a fix in the upstream kernel (commit fa0dc04df259ba2df3ce1920e9690c7842f8fa4b4) and later kernel slab-leak fixes for af_unix, indicat...
CVE-2021-20205
A flaw was found in libjpeg-turbo versions 2.0.91 and 2.0.90, which are vulnerable to a denial of service issue caused by a divide by zero when processing a crafted GIF image. The highest threat from this vulnerability is to system availability...
NewStart CGSL MAIN 4.06 : libX11 Vulnerability (NS-SA-2021-0002)
The remote NewStart CGSL host, running version MAIN 4.06, has libX11 packages installed that are affected by a vulnerability: - An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11...
EulerOS Virtualization 2.9.1 : libldb (EulerOS-SA-2021-1606)
According to the version of the libldb package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A NULL pointer dereference, or possible use-after-free flaw was found in Samba AD LDAP server in versions before 4.10.17, before...
EulerOS Virtualization 3.0.2.6 : nss (EulerOS-SA-2021-1416)
According to the versions of the nss packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multipl...
EulerOS Virtualization 2.9.1 : sudo (EulerOS-SA-2021-1630)
According to the version of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as roo...
NewStart CGSL CORE 5.04 / MAIN 5.04 : grub2 Multiple Vulnerabilities (NS-SA-2021-0008)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has grub2 packages installed that are affected by multiple vulnerabilities: - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper with the GRUB verification process. This flaw...
NewStart CGSL MAIN 6.02 : dnsmasq Multiple Vulnerabilities (NS-SA-2021-0091)
The remote NewStart CGSL host, running version MAIN 6.02, has dnsmasq packages installed that are affected by multiple vulnerabilities: - A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. A...
KLA12114 DoS vulnerability in Wireshark
A denial of service vulnerability was found in Wireshark. Malicious users can exploit this vulnerability to cause denial of service. Original advisories: wnpa-sec-2021-03 · Wireshark could open unsafe URLs. Related products: Wireshark. CVE list: CVE-2021-22191 (critical). Solution: Update to the latest...
ImageMagick Divide-by-Zero Vulnerability (CNVD-2021-23797)
ImageMagick is a software for creating, editing, and composing images that can read, convert, and write images in many formats. A divide-by-zero vulnerability exists in coders/webp.c in versions prior to ImageMagick 7.0.10-62. An attacker can exploit this vulnerability via specially crafted files to...
EulerOS Virtualization 3.0.6.6 : dnsmasq (EulerOS-SA-2021-1469)
According to the versions of the dnsmasq packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in dnsmasq. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with...
NewStart CGSL MAIN 6.02 : glibc Multiple Vulnerabilities (NS-SA-2021-0069)
The remote NewStart CGSL host, running version MAIN 6.02, has glibc packages installed that are affected by multiple vulnerabilities: - An out-of-bounds write vulnerability was found in glibc before 2.31 when handling signal trampolines on PowerPC. Specifically, the backtrace function did not...
NewStart CGSL CORE 5.04 / MAIN 5.04 : fwupdate Vulnerability (NS-SA-2021-0007)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has fwupdate packages installed that are affected by a vulnerability: - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper with the GRUB verification process. This flaw also...