EulerOS 2.0 SP5 : quagga (EulerOS-SA-2021-1227)

According to the versions of the quagga package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The bgpnlriparsevpnv4 function in bgpmplsvpn.c in the VPNv4 NLRI parser in bgpd in Quagga before 1.0.20160309, when a certain VPNv4 configuration...

Fedora 32 : jasper (2021-0a6290f865)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-0a6290f865 advisory. - The JPCNOMINALGAIN function in jpc/jpct1cod.c in JasPer through 2.0.12 allows remote attackers to cause a denial of service JPCCOXRFT assertion...

EulerOS 2.0 SP5 : ImageMagick (EulerOS-SA-2021-1195)

According to the versions of the ImageMagick packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - When ImageMagick 7.0.6-1 processes a crafted file in convert, it can lead to a heap-based buffer over-read in the WriteUILImage function in...

RHEL 7 : qemu-kvm (RHSA-2021:0347)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0347 advisory. Kernel-based Virtual Machine KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide th...

QEMU: reachable assertion failure in net_tx_pkt_add_raw_fragment() in hw/net/net_tx_pkt.c

An assertion failure flaw was found in QEMU in the network packet processing component. This issue affects the "e1000e" and "vmxnet3" network devices. This flaw allows a malicious guest user or process to abort the QEMU process on the host, resulting in a denial of service...

Denial Of Service (DoS)

privoxy is vulnerable to denial of service. A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type single-DES, triple-DES, or RC4, the attacker can crash the KDC by making an S4U2Self...

CentOS 8 : nodejs:10 (CESA-2020:0579)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:0579 advisory. - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string CVE-2019-15604 - nodejs: HTTP request smuggling using...

CentOS 8 : nodejs:12 (CESA-2020:0598)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:0598 advisory. - nodejs: Remotely trigger an assertion on a TLS server with a malformed certificate string CVE-2019-15604 - nodejs: HTTP request smuggling using...

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing resulting in denial of service.

...

CentOS 8 : poppler (CESA-2019:2713)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2019:2713 advisory. - poppler: memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc CVE-2018-18897 - poppler: NULL pointer dereference in the XRef::getEntry in...

CVE-2021-3326

A flaw was found in glibc's iconv functionality. This flaw allows an attacker capable of supplying a crafted sequence of characters to an application using iconv to convert from ISO-2022-JP-3 to cause an assertion failure. The highest threat from this vulnerability is to system availability...

CVE-2020-36228

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...

DEBIAN-CVE-2021-3326

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...

Input validation

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...

UBUNTU-CVE-2021-3326

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...

CVE-2020-36230

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...

CVE-2020-36228

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...

CVE-2020-36230

A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c bernextelement, resulting in denial of service...

CVE-2020-36228

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...

DEBIAN-CVE-2020-36228

An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service...