SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1275-1) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

The SUSE Linux Enterprise 12 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2020-11494: An issue was discovered in slcbump in drivers/net/can/slcan.c, which allowed attackers to read uninitialized canframe data, potentially containing...

The vulnerability of the tcp_recvmsg() function in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the tcprecvmsg function in the Linux operating system stems from buffer overflows. Exploiting this vulnerability can allow an attacker to cause a service failure...

Heap-based Buffer Over-read

libXcursor is vulnerabl to integer overflows. It leads to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP. It is also possible that an attack vector exists against the related code in cursor/xcursor.c in Wayland...

Denial Of Service (DoS)

radare2 through 3.5.1 mishandles the RParse API, which allows remote attackers to cause a denial of service application crash or possibly have unspecified other impact, as demonstrated by newstr buffer overflows during replace operations. This affects libr/asm/asm.c and libr/parse/parse.c...

The vulnerability of the Win32k component in Windows operating systems, which allows attackers to increase their privileges

The vulnerability of the Win32k component in Windows operating systems is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to enhance their privileges and gain full control over the system through a specially create...

Amazon Linux 2 : ipmitool (ALAS-2020-1420)

The version of ipmitool installed on the remote host is prior to 1.8.18-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1420 advisory. It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN...

Important: ipmitool

Issue Overview: It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run...

Updated fortune-mod packages fixes potential security issues

Updated fortune-mod fixes integer and buffer overflows that might have security implications...

MGASA-2020-0199 Updated fortune-mod packages fixes potential security issues

Updated fortune-mod fixes integer and buffer overflows that might have security implications...

Huawei EulerOS: Security Advisory for ipmitool (EulerOS-SA-2020-1534)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 8 : tigervnc (RHSA-2020:1497)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1497 advisory. Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine...

Huawei EulerOS: Security Advisory for ipmitool (EulerOS-SA-2020-1479)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for ipmitool (EulerOS-SA-2020-1392)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gpgme (EulerOS-SA-2020-1494)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2020-1430)

According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code.CVE-2020-8608 -...

EulerOS 2.0 SP3 : ipmitool (EulerOS-SA-2020-1392)

According to the version of the ipmitool package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may...

EulerOS 2.0 SP3 : opensc (EulerOS-SA-2020-1417)

According to the versions of the opensc package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Several buffer overflows when handling responses from a Muscle Card in musclelistfiles in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 cou...

Arbitrary Code Execution

gstreamer-plugins-good is vulnerable to arbitrary code execution. The vulnerability exists through multiple heap buffer overflows and an array indexing error were found in the GStreamer's QuickTime media file format decoding plugin. An attacker could create a carefully-crafted QuickTime media .mo...

Buffer Overflows

The Xen package is vulnerable to Buffer Overflows. A malicious local administrator of a guest domain could potentially trigger this flaw and execute arbitrary code outside of the domain...

CVE-2018-11218

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows...