102 matches found
Huawei EulerOS: Security Advisory for openldap (EulerOS-SA-2021-2277)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : openldap (EulerOS-SA-2021-2152)
According to the versions of the openldap packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. A...
MGASA-2021-0220 Updated bind packages fix security vulnerabilities
A broken inbound incremental zone update IXFR can cause named to terminate unexpectedlyCVE-2021-25214. Mageia 7 version not affected. An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself CVE-2021-25215. This affects both...
SUSE: Security Advisory (SUSE-SU-2021:0653-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:2914-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2469-1 : qemu security update
Some issues have been found in qemu, a fast processor emulator. All issues are related to assertion failures, out-of-bounds access failures or bad handling of return codes. For Debian 9 stretch, these problems have been fixed in version 1:2.8+dfsg-6+deb9u12. We recommend that you upgrade your qem...
Oracle Linux 8 : bind (ELSA-2020-4500)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4500 advisory. - Fix tsig-request verify CVE-2020-8622 - Prevent PKCS11 daemon crash on crafted packet CVE-2020-8623 - Correct update-policy type subdomain to match...
SUSE SLES11 Security Update : ImageMagick (SUSE-SU-2018:0880-1)
This update for ImageMagick fixes several issues. These security issues were fixed : - CVE-2018-8804: The WriteEPTImage function allowed remote attackers to cause a denial of service double free and application crash or possibly have unspecified other impact via a crafted file bsc1086011 -...
Denial Of Service (DoS)
ImageMagick is vulnerable to denial of service DoS attacks. A malicious user can pass tga files to the system to cause assertion failures, leading to the system crashing...
Design/Logic Flaw
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS...
DEBIAN-CVE-2017-6498
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS...
CVE-2017-6498
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS...
UBUNTU-CVE-2017-6498
An issue was discovered in ImageMagick 6.9.7. Incorrect TGA files could trigger assertion failures, thus leading to DoS...
Debian DLA-805-1 : bind9 security update
Several denial of service vulnerabilities assertion failures were discovered in BIND, a DNS server implementation. CVE-2016-9131 A crafted upstream response to an ANY query could cause an assertion failure. CVE-2016-9147 A crafted upstream response with self-contradicting DNSSEC data could cause ...
openSUSE Security Update : bind (openSUSE-2017-114)
This update for bind fixes the following issues : - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...
Debian DSA-3758-1 : bind9 - security update
Several denial-of-service vulnerabilities assertion failures were discovered in BIND, a DNS server implementation. - CVE-2016-9131 A crafted upstream response to an ANY query could cause an assertion failure. - CVE-2016-9147 A crafted upstream response with self-contradicting DNSSEC data could...
SUSE SLES11 Security Update : bind (SUSE-SU-2017:0112-1)
This update for bind fixes the following issues : - Fix a potential assertion failure that could have been triggered by a malformed response to an ANY query, thereby facilitating a denial-of-service attack. CVE-2016-9131, bsc1018700, bsc1018699 - Fix a potential assertion failure that could have...
Debian Security Advisory DSA 3758-1 (bind9 - security update)
Several denial-of-service vulnerabilities assertion failures were discovered in BIND, a DNS server implementation. CVE-2016-9131 A crafted upstream response to an ANY query could cause an assertion failure. CVE-2016-9147 A crafted upstream response with self-contradicting DNSSEC data could cause ...
BIND -- multiple vulnerabilities
ISC reports: A malformed query response received by a recursive server in response to a query of RTYPE ANY could trigger an assertion failure while named is attempting to add the RRs in the query response to the cache. Depending on the type of query and the EDNS options in the query they receive,...
Microsoft Edge - CBaseScriptable::PrivateQueryInterface Memory Corruption (MS16-068)
Microsoft Edge - CBaseScriptable::PrivateQueryInterface Memory Corruption MS16-068 Source: http://blog.skylined.nl/20161205001.html Synopsis A specially crafted web-page can trigger a memory corruption vulnerability in Microsoft Edge. I did not investigate this vulnerability thoroughly, so I...