EulerOS 2.0 SP9 : libjpeg-turbo (EulerOS-SA-2022-2325)

According to the versions of the libjpeg-turbo package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer...

CVE-2022-38633

Genymotion Desktop v3.2.1 was discovered to contain a DLL hijacking vulnerability which allows attackers to escalate privileges and execute arbitrary code via a crafted binary...

CVE-2022-38496

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

CVE-2022-38495

LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function printbinary at /c/machoreader.c...

PYSEC-2022-43137

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

UBUNTU-CVE-2022-38495

LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function printbinary at /c/machoreader.c...

PYSEC-2022-43137

LIEF commit 365a16a was discovered to contain a reachable assertion abort via the component BinaryStream.hpp...

CVE-2022-37703

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use opendir as root directly without checking the path, letting the attacker provide an...

DEBIAN-CVE-2022-37703

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use opendir as root directly without checking the path, letting the attacker provide an...

CVE-2022-37703

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use opendir as root directly without checking the path, letting the attacker provide an...

CVE-2022-37703

In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use opendir as root directly without checking the path, letting the attacker provide an...

CVE-2022-38453

Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debuginfo' compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities...

Code injection

Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debuginfo' compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities...

CVE-2022-38453

The CVE-2022-38453 issue affects the CMS8000 device, where multiple binary application files are compiled with 'not stripped' and 'debug_info' settings. This weakens reverse-engineering resistance and could enable an attacker to identify additional vulnerabilities in the affected software stack. ...

CVE-2022-38453 Contec Health CMS8000

Multiple binary application files on the CMS8000 device are compiled with 'not stripped' and 'debuginfo' compilation settings. These compiler settings greatly decrease the level of effort for a threat actor to reverse engineer sensitive code and identify additional vulnerabilities...

CVE-2022-2989

An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to...

CVE-2022-2990

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able t...

UBUNTU-CVE-2022-2989

An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to...

CVE-2022-2990

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able t...

CVE-2022-2990

An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able t...