IBM AIX Command Execution Vulnerability

IBM AIX Advanced Interactive eXecutive is a UNIX operating system developed by IBM. IBM AIX has a command execution vulnerability that can be exploited by an attacker to execute arbitrary commands...

IBM DB2 安全漏洞

IBM DB2 is a relational database management system from International Business Machines IBM. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A code execution vulnerability exists in IBM DB2, which can be exploited by an attacker to cause...

SUSE CVE-2015-3240

The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service assertion failure and daemon restart via a zero DH g^x value in a KE payload in a IKE packet...

IBM AIX 安全漏洞

IBM AIX is an open standards-based UNIX operating system developed by International Business Machines IBM for the IBM Power architecture. IBM AIX suffers from a denial-of-service vulnerability that can be exploited by unprivileged local attackers to cause a denial of service...

Mozilla: Symlinks may resolve to partially uninitialized buffers

The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer...

Important: mingw-zlib security update

The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Security Fixes: zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 For more details about the security issues, including the impact, a CV...

Oracle Solaris Denial of Service Vulnerability (CNVD-2022-54630)

Oracle Solaris is a UNIX operating system from Oracle. A denial of service vulnerability exists in the SMB Server component of Oracle Solaris 11. An attacker could exploit this vulnerability to corrupt Oracle Solaris and cause Oracle Solaris to hang or crash frequently and repeatedly a complete...

Important: kernel security, bug fix, and enhancement update

The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fget: check that the fd still exists after getting a ref to it CVE-2021-4083 kernel: avoid cyclic entity chains due to malformed USB descriptors CVE-2020-0404 kernel: speculation on...

subscription-manager bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

Appneta Tcpreplay 安全漏洞

Appneta Tcpreplay is a suite of open source utilities for editing and replaying network traffic on UNIX-based operating systems from Appneta, Inc. A security vulnerability exists in Appneta Tcpreplay version 4.4.1, which stems from a memory leak in the fixipv6checksums function that affects data...

Oracle Solaris has an unspecified vulnerability (CNVD-2022-31849)

Oracle Solaris is a UNIX operating system from Oracle Systems, Inc. A security vulnerability in Oracle Solaris allows a highly privileged attacker to compromise Oracle Solaris by logging into the infrastructure where Oracle Solaris is executed. A successful attack requires human interaction from...

Oracle Solaris Denial of Service Vulnerability (CNVD-2022-31682)

Oracle Solaris is a UNIX operating system from Oracle. A security vulnerability exists in Oracle Systems' Oracle Solaris product component: kernel that could allow a low-privileged attacker to compromise Oracle Solaris by logging on to the infrastructure that executes Oracle Solaris.The...

Important: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2022-25484

tcpprep v4.4.1 has a reachable assertion assertl2len 0 in packet2tree at tree.c in tcpprep v4.4.1...

IBM AIX 输入验证错误漏洞

IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. IBM AIX has an input validation error vulnerability, which stems from a problem with CAA/Kernel and can be exploited by an attacker to trigger a denial of service...

IBM AIX Information Disclosure Vulnerability (CNVD-2021-91419)

IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. IBM AIX has an information disclosure vulnerability that stems from a problem with IBM AIX's handling of user privileges, which can be exploited by a non-privileged local attacker to gain...

IBM AIX Privilege Permission and Access Control Issue Vulnerability (CNVD-2021-71526)

IBM AIX is an open standards-based UNIX operating system developed for the IBM Power architecture by the U.S. company IBM. There is a privilege permission and access control issue vulnerability in several IBM applications. The vulnerability stems from the lack of effective privilege permission an...

IBM AIX Denial of Service Vulnerability (CNVD-2021-88194)

IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. A denial of service vulnerability exists in IBM AIX version 7.1, 7.2, and VIOS version 3.1. A local attacker could exploit this vulnerability to cause a denial of service...

GHSA-HC92-9H3M-C39J vulnerabilities

Vulnerabilities for packages: buck2...

CVE-2019-4588

IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks...