85 matches found
RHEL 8 : mingw-glib2 (RHSA-2021:4526)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4526 advisory. GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in...
Integer overflow
Multiple exploitable integer overflow vulnerabilities exist within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that...
Denial Of Service (DoS)
glib2 is vulnerable to denial of service. When gbytearraynewtake is called with a buffer of 4GB or more on a 64-bit platform, an integer overflow occurs as the length would be a truncated modulo 232, causing unintended length truncation...
Oracle Linux 8 : glib2 (ELSA-2021-3058)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-3058 advisory. 2.56.4-10.1 - Fix CVE-2021-27218 Resolves: 1974888 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
Moderate: glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: integer overflow in...
glib2 security update
An update is available for glib2. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GLib provides the core application building blocks for libraries and applicatio...
RLSA-2021:3058 Moderate: glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: integer overflow in...
ALSA-2021:3058 Moderate: glib2 security update
GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib: integer overflow in...
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2021-2030)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : glib2 (CESA-2021:2170)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2170 advisory. - glib: integer overflow in gbytesnew function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits CVE-2021-27219 Note that Nessus has not teste...
glib: integer overflow in g_bytes_new function on 64-bit platforms due to an implicit cast from 64 bits to 32 bits
An integer wraparound was discovered in glib due to passing a 64 bit sized value to function gmemdup which accepts a 32 bits number as argument. An attacker may abuse this flaw when an application linked against the glib library uses gbytesnew function or possibly other functions that use gmemdup...
EulerOS 2.0 SP5 : glib2 (EulerOS-SA-2021-1898)
According to the versions of the glib2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If gbytearraynewtake was called with a buffer of 4GB or more on a...
Mozilla: Incorrect size computation in WebAssembly JIT could lead to null-reads
The WebAssembly JIT could miscalculate the size of a return type, which could lead to a null read and result in a crash. Note: This issue only affected x86-32 platforms. Other platforms are unaffected.. This vulnerability affects Firefox ESR 78.10, Thunderbird 78.10, and Firefox 88...
EulerOS Virtualization 2.9.1 : glib2 (EulerOS-SA-2021-1712)
According to the versions of the glib2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNOME GLib before 2.66.8. When gfilereplace is used with GFILECREATEREPLACEDESTINATION to replace a path...
Huawei EulerOS: Security Advisory for glib2 (EulerOS-SA-2021-1759)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-27218
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If gbytearraynewtake was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 232, causing unintended length truncation...
ALPINE-CVE-2021-27218
An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If gbytearraynewtake was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 232, causing unintended length truncation...
Internet Bug Bounty: CVE-2020-10938-buffer overflow/out-of-bounds write in compress.c:HuffmanDecodeImage()
Hello, There is an out-of-bounds write that is likely exploitable while performing Huffman decoding of Fax images. The technical details are as follows. Type: integer underflow produces out of bounds heap/etc write Platform: 32-bit Details: 390 MagickExport MagickPassFail HuffmanDecodeImageImage...
CVE-2012-6124
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes and is advertised as being unsuitable."...
Code injection
A casting error in Chicken before 4.8.0 on 64-bit platform caused the random number generator to return a constant value. NOTE: the vendor states "This function wasn't used for security purposes and is advertised as being unsuitable."...