Amazon Linux 2 : kernel, --advisory ALAS2-2022-1774 (ALAS-2022-1774)

The version of kernel installed on the remote host is prior to 4.14.275-207.503. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1774 advisory. A buffer overflow flaw was found in the Linux kernel's NFC protocol functionality. This flaw allows a local user t...

EulerOS Virtualization 2.10.1 : edk2 (EulerOS-SA-2022-1390)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of...

EulerOS Virtualization 2.10.0 : edk2 (EulerOS-SA-2022-1416)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of...

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to execute arbitrary code.

Vulnerability of the Cluster component: General database management systems like MySQL Cluster are vulnerable due to writing beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...

Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to execute arbitrary code.

Vulnerability of the Cluster component: General database management systems like MySQL Cluster are vulnerable due to buffer overflows in the stack. Exploitation of this vulnerability can allow an attacker to execute arbitrary code remotely...

ROS-20220407-01

Vulnerability of libsndfile audio file reading and writing library is related to memory leak in function cafreadheader. Exploitation of the vulnerability could allow an attacker acting remotely to force an application to incorrectly free memory before deleting the last link and executing an attac...

CVE-2021-32976 Moxa NPort IAW5000A-I/O Series Serial Device Server Stack-based Buffer Overflow

Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code...

CVE-2021-32968

CVE-2021-32968 affects Moxa NPort IAW5000A-I/O Series Serial Device Server firmware version 2.2 and earlier, where two buffer overflows in the built-in web server may allow a remote attacker to cause a denial-of-service. The vulnerability is documented across multiple sources (NVD, Red Hat, ICS-C...

openSUSE: Security Advisory for frr (openSUSE-SU-2022:0901-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] [DLA 2960-1] apache2 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2960-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 22, 2022 https://wiki.debian.org/LTS -...

SUSE: Security Advisory (SUSE-SU-2022:0901-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for frr (important)

openSUSE Security Update: Security update for frr Announcement ID: openSUSE-SU-2022:0901-1 Rating: important References: 1180217 1196503 1196504 1196505 1196506 1196507 Cross-References: CVE-2022-26125 CVE-2022-26126 CVE-2022-26127 CVE-2022-26128 CVE-2022-26129 CVSS scores: CVE-2022-26125 NVD : 7...

glibc security update

2.28-164.0.5.3 - Merge external errata patches. - Siddhesh Poyarekar - 2.28-164.3 - CVE-2021-3999: getcwd: align stack on clone in aarch64 and fix a memory leak 2032280 - Siddhesh Poyarekar - 2.28-164.2 - CVE-2022-23218, CVE-2022-23219: Fix buffer overflows in sunrpc clntcreate for 'unix' and...

Moderate: Red Hat Security Advisory: glibc security update

An update for glibc is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Debian: Security Advisory (DLA-2947-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2947-1] vim security update

Debian LTS Advisory DLA-2947-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany March 11, 2022 https://wiki.debian.org/LTS Package : vim Version : 2:8.0.0197-4+deb9u5 CVE ID : CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 CVE-2021-4193 CVE-2022-0213 CVE-2022-0319...

CVE-2022-26490

st21nfcaconnectivityeventreceived in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVTTRANSACTION buffer overflows because of untrusted length parameters...

Buffer overflow

st21nfcaconnectivityeventreceived in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVTTRANSACTION buffer overflows because of untrusted length parameters...

CVE-2022-26490

st21nfcaconnectivityeventreceived in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVTTRANSACTION buffer overflows because of untrusted length parameters...

ASB-A-210292376

In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...