6554 matches found
Ubuntu 16.04 ESM : libXrender vulnerabilities (USN-5436-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5436-1 advisory. Tobias Stoeckmann discovered that libXrender incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of servic...
CVE-2020-25693
A flaw was found in the CImg library. Multiple integer overflows lead to heap buffer overflows in load_pnm, which can be triggered by a specially crafted input file processed by CImg. The highest risk from this vulnerability is to integrity and system availability...
Security update for busybox (important)
SUSE Security Update: Security update for busybox Announcement ID: openSUSE-SU-2022:0135-1 Rating: important References: 1064976 1064978 1069412 1099260 1099263 1102912 1121426 1121428 1184522 1192869 1198676 1198677 1198678 1198679 1198680 1198703 951562 970662 970663 991940 Cross-References:...
[SECURITY] [DLA 3011-1] vim security update
Debian LTS Advisory DLA-3011-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany May 16, 2022 https://wiki.debian.org/LTS Package : vim Version : 2:8.0.0197-4+deb9u6 CVE ID : CVE-2022-0261 CVE-2022-0351 CVE-2022-0413 CVE-2022-0443 CVE-2022-0572 CVE-2022-1154...
Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5413-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5413-1 advisory. Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate...
NewStart CGSL MAIN 6.02 : raptor2 Multiple Vulnerabilities (NS-SA-2022-0054)
The remote NewStart CGSL host, running version MAIN 6.02, has raptor2 packages installed that are affected by multiple vulnerabilities: - raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer,...
Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2022-1597)
The remote host is missing an update for the Huawei EulerOS... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
Debian DSA-5127-1 : linux - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5127 advisory. Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. CVE-2021-4197 Er...
Amazon Linux 2 : kernel, --advisory ALAS2KERNEL-5.4-2022-025 (ALASKERNEL-5.4-2022-025)
The version of kernel installed on the remote host is prior to 5.4.188-104.359. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.4-2022-025 advisory. Product: Android; Versions: Android kernel; Android ID: A-224546354; References: Upstream kernel (CVE-2022-20368) ...
Libextractor multiple heap-based buffer overflows
Multiple heap-based buffer overflows in Libextractor 0.5.13 and earlier allow remote attackers to execute arbitrary code via (1) the asf_read_header function in the ASF plugin (plugins/asfextractor.c), and (2) the parse_trak_atom function in the QT plugin (plugins/qtextractor.c)...
The vulnerability of embedded software developed by Qualcomm, caused by buffer overflows, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of embedded software developed by Qualcomm stems from buffer overflows. Exploiting this vulnerability can allow attackers to compromise the confidentiality, integrity, and accessibility of protected information due to improper input validation...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-5390-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5390-1 advisory. David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could u...
Spock SLAF - A Shared Library Application Firewall "SLAF"
Spock SLAF is a Shared Library Application Firewall "SLAF". Its purpose is to protect any service that uses the OpenSSL library. The SLAF inserts hooks to intercept all communication in order to detect security anomalies and to block and log attacks like buffer overflow, path traversal, XXE and SQL...
SUSE SLES12 Security Update : kernel (SUSE-SU-2022:1270-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1270-1 advisory. - In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree on disk. This can, f...
Slackware: Security Advisory (SSA:2015-337-01)
The remote host is missing an update for the...
The vulnerability of the `php_wddx_push_element` function in the PHP programming language allows a hacker to trigger a service failure.
The vulnerability of the php_wddx_push_element function (ext/wddx/wddx.c) in the PHP programming language is caused by buffer overflows. Exploiting this vulnerability can allow an attacker to cause a service failure due to an incorrect logical element in an XML document...
SUSE SLES12 Security Update : kernel (SUSE-SU-2022:1267-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1267-1 advisory. - Product: Android; Versions: Android kernel; Android ID: A-173788806; References: Upstream kernel (CVE-2021-39713) - In the Linux kernel...
Amazon Linux AMI : kernel (ALAS-2022-1581)
The version of kernel installed on the remote host is prior to 4.14.275-142.503. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2022-1581 advisory. A buffer overflow flaw was found in the Linux kernel's NFC protocol functionality. This flaw allows a local user to...
Amazon Linux 2 : kernel, --advisory ALAS2-2022-1774 (ALAS-2022-1774)
The version of kernel installed on the remote host is prior to 4.14.275-207.503. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1774 advisory. A buffer overflow flaw was found in the Linux kernel's NFC protocol functionality. This flaw allows a local user t...
EulerOS Virtualization 2.10.1 : edk2 (EulerOS-SA-2022-1390)
According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of...