EulerOS 2.0 SP5 : cairo (EulerOS-SA-2020-2540)

According to the versions of the cairo packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in cairo 1.16.0. There is an assertion problem in the function cairoarcindirection in the file cairo-arc.c.CVE-2019-6461 ...

Huawei EulerOS: Security Advisory for cairo (EulerOS-SA-2020-2540)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Denial Of Service (DoS)

openldap is vulnerable to denial of service. An assertion failure in CSN normalization allows an attacker to crash the application with malicious input...

Medium: bind

Issue Overview: A flaw was found in bind. An assertion failure can occur when trying to verify a truncated response to a TSIG-signed request. The highest threat from this vulnerability is to system availability. CVE-2020-8622 A flaw was found in bind. An assertion failure can occur when a special...

NewStart CGSL CORE 5.05 / MAIN 5.05 : krb5 Vulnerability (NS-SA-2020-0103)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has krb5 packages installed that are affected by a vulnerability: - A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encrypti...

NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Multiple Vulnerabilities (NS-SA-2020-0095)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has bind packages installed that are affected by multiple vulnerabilities: - managed-keys is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in...

Amazon Linux 2 : bind (ALAS-2020-1564)

The version of bind installed on the remote host is prior to 9.11.4-26.P2. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1564 advisory. A flaw was found in bind. An assertion failure can occur when trying to verify a truncated response to a TSIG-signed...

SAP HANA 授权问题漏洞

SAP HANA is a set of high-performance real-time data analytics platform from Germany's SAP SAP. The platform provides data query functions to support users to query real-time business data query and analysis. A security vulnerability exists in SAP HANA version 2.0 that stems from a failure to...

CVE-2020-29562

A denial of service flaw was found in the way glibc's iconv function handled UCS4 text containing an irreversible character. This flaw causes an application compiled with glibc and using the vulnerable function to terminate with an assertion, resulting in a denial of service. The highest threat...

GNU C Library Assertion Failure Vulnerability

The GNU C Library glibc is an open-source, free, easy-to-download C compiler released under the LGPL license. An assertion failure vulnerability exists in the iconv function in GNU C Library versions 2.30 through 2.32. An attacker can exploit this vulnerability to cause a denial of service via UC...

Denial Of Service (DoS)

sox is vulnerable to denial of service. A reachable assertion abort in the function soxappendcomment in formats.c allows an attacker to crash the application via a malicious audio file...

Denial Of Service (DoS)

QEMU is vulnerable to denial of service attacks. An unauthenticated remote attacker could kill the QEMU process on the host due to an assertion failure in the network packet processing, resulting in a denial of service condition in nettxpktaddrawfragment in hw/net/nettxpkt.c...

Denial Of Service (DoS)

qemu is vulnerable to denial of service. The vulnerability exists in ethgetgsotype function in net/eth.c routine if a packet does not have a valid networking L3 protocol which will allow a guest user to crash the qemu process on the host...

CVE-2020-29562

The iconv function in the GNU C Library aka glibc or libc6 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...

CVE-2020-25723

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on t...

CVE-2020-25723

A reachable assertion issue was found in the USB EHCI emulation code of QEMU. It could occur while processing USB requests due to missing handling of DMA memory map failure. A malicious privileged user within the guest may abuse this flaw to send bogus USB requests and crash the QEMU process on t...

QEMU 代码问题漏洞

QEMU Quick Emulator is a set of simulation processor software by Fabrice Bellard, a French individual developer. The software is fast and cross-platform. QEMU has a code issue vulnerability that can be exploited by an attacker to force an assertion error via QEMU's usb packet mapping to trigger a...

Debian DLA-2469-1 : qemu security update

Some issues have been found in qemu, a fast processor emulator. All issues are related to assertion failures, out-of-bounds access failures or bad handling of return codes. For Debian 9 stretch, these problems have been fixed in version 1:2.8+dfsg-6+deb9u12. We recommend that you upgrade your qem...

bind: truncated TSIG response can lead to an assertion failure

A flaw was found in bind. An assertion failure can occur when trying to verify a truncated response to a TSIG-signed request. The highest threat from this vulnerability is to system availability...

Moderate: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 7.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...