Debian: Security Advisory (DLA-2766-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS : EDK II vulnerabilities (USN-5088-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5088-1 advisory. It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash,...

openSUSE: Security Advisory for samba (openSUSE-SU-2021:3187-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fix of CVE: CVE-2020-10543

CVE-2020-10543: fix signed integer overflow leading to heap buffer overrun...

OPENSUSE-SU-2021:3187-1 Security update for samba

This update for samba fixes the following issues: - CVE-2021-20277: Fixed an out of bounds read in ldbhandlerfold bsc1183574. - CVE-2021-20254: Fixed a buffer overrun in sidstounixids bsc1184677. - CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs bsc1183572. - Spec file...

SUSE-SU-2021:3187-1 Security update for samba

This update for samba fixes the following issues: - CVE-2021-20277: Fixed an out of bounds read in ldbhandlerfold bsc1183574. - CVE-2021-20254: Fixed a buffer overrun in sidstounixids bsc1184677. - CVE-2020-27840: Fixed an unauthenticated remote heap corruption via bad DNs bsc1183572. - Spec file...

Fix of CVE: CVE-2018-0739, CVE-2018-0737, CVE-2021-3712, CVE-2018-0732

fix CVE-2021-3712 - handling ASN.1 string as NULL terminated leads to read buffer overrun - Port patches from oracle6els branch, original changelog entry: - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 -...

SUSE-SU-2021:2966-2 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521...

Yenkee Hornet Gaming Mouse Denial Of Service

Exploit Title: Yenkee Hornet Gaming Mouse - 'GM312Fltr.sys' Denial-Of-Service PoC Date: 2021/04/07 Exploit Author: Quadron Research Lab Version: all version Tested on: Windows 10 x64 HUN/ENG Professional Vendor: https://www.yenkee.eu/gaming-mouse-hornet-aim/yms-3029 Reference:...

SUSE SLES12 Security Update : openssl (SUSE-SU-2021:3144-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3144-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a...

SUSE-SU-2021:3144-1 Security update for openssl

This update for openssl fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521...

The vulnerability of the gray_split_cubic function in the Rlottie animation-generation library, related to buffer-out writing, allows attackers to compromise data integrity and cause service failures.

The vulnerability of the graysplitcubic function in the Rlottie animation playback library is related to the writing beyond buffer boundaries. Exploiting this vulnerability could allow a malicious actor to compromise data integrity and cause service failures due to the malicious animated sticker...

The vulnerability of the API virConnectListAllNodeDevices in the Libvirt management library, when using the GRID driver, relates to a failure of the operation beyond the buffer boundaries in memory. This vulnerability allows an attacker to trigger a service failure.

The vulnerability of the API virConnectListAllNodeDevices in the Libvirt control library, when using the GRID driver, is related to the operation exceeding the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to trigger a service failure using the virsh...

SUSE SLES11 Security Update : openssl1 (SUSE-SU-2021:14801-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:14801-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field holdi...

SUSE-SU-2021:14802-1 Security update for openssl

This update for openssl fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521...

openSUSE 15 Security Update : openssl-1_0_0 (openSUSE-SU-2021:1261-1)

The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1261-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a field...

OPENSUSE-SU-2021:1261-1 Security update for openssl-1_0_0

This update for openssl-100 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521. This update was imported from the SUSE:SLE-15:Update update project...

SUSE SLES12 Security Update : compat-openssl098 (SUSE-SU-2021:3019-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3019-1 advisory. - ASN.1 strings are represented internally within OpenSSL as an ASN1STRING structure which contains a buffer holding the string data and a...

SUSE-SU-2021:3019-1 Security update for compat-openssl098

This update for compat-openssl098 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521...

OPENSUSE-SU-2021:1248-1 Security update for openssl-1_1

This update for openssl-11 fixes the following issues: - CVE-2021-3712: This is an update for the incomplete fix for CVE-2021-3712. Read buffer overruns processing ASN.1 strings bsc1189521. This update was imported from the SUSE:SLE-15-SP2:Update update project...