SUSE: Security Advisory (SUSE-SU-2018:1778-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:0027-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:2491-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CTF-All-In-One

This is a comprehensive guide to CTF Capture The Flag competitions, specifically focusing on the Pwn binary exploitation aspect. The book is written by Yang Chao, a member of L-Team, and is intended for beginners. It covers the basics of binary exploitation, including memory management, buffer...

CVE-2021-26709

The CVE-2021-26709 entry concerns D-Link DSL-320B-D1 devices (EU_1.25 and earlier) with a stack-based buffer overflow in the device firmware that allows unauthenticated remote attackers to takeover the device via login.xgi. Affected product: D-Link DSL-320B-D1; vulnerability type: multiple pre-au...

OPENSUSE-SU-2021:0515-1 Security update for chromium

This update for chromium fixes the following issues: Update to 89.0.4389.114 boo1184256 - CVE-2021-21194: Use after free in screen capture - CVE-2021-21195: Use after free in V8 - CVE-2021-21196: Heap buffer overflow in TabStrip - CVE-2021-21197: Heap buffer overflow in TabStrip - CVE-2021-21198:...

Buffer Overflows

bsdiff:sid is vulnerable to buffer overflows. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries...

SUSE SLES12 Security Update : slurm_20_11 / pdsh (SUSE-SU-2021:0773-1)

This update for pdsh fixes the following issues : Preparing pdsh for Slurm 20.11 jscECO-2412 Simplify convoluted condition. This update for slurm fixes the following issues : Fix potential buffer overflows from use of unpackmem. CVE-2020-27745 bsc1178890 Fix potential leak of the magic cookie whe...

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2021-1601)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL MAIN 4.06 : sudo Multiple Vulnerabilities (NS-SA-2021-0001)

The remote NewStart CGSL host, running version MAIN 4.06, has sudo packages installed that are affected by multiple vulnerabilities: - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a...

NewStart CGSL CORE 5.04 / MAIN 5.04 : grub2 Multiple Vulnerabilities (NS-SA-2021-0008)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has grub2 packages installed that are affected by multiple vulnerabilities: - A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw...

D-Link DAP-2020 <= 1.01 Multiple Vulnerabilities - Active Check

D-Link DAP-2020 devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX = "cpe:/o:dlink"; if...

[ASA-202102-39] ipmitool: arbitrary code execution

Arch Linux Security Advisory ASA-202102-39 ========================================== Severity: High Date : 2021-02-27 CVE-ID : CVE-2020-5208 Package : ipmitool Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1596 Summary ======= The package ipmitool before...

The vulnerability of Intel Graphics Driver drivers relates to the occurrence of operations beyond the buffer boundaries in memory, which allows an attacker to cause a service failure.

The vulnerability of Intel Graphics Drivers’ drivers is related to the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause a system failure...

Security Bulletin: A security vulnerability has been identified in IBM Java Runtime which affects DataQuant for z/OS

Summary An unspecified vulnerability has been identified in IBM Java Runtime that could affect DataQuant for z/OS. Vulnerability Details CVEID: CVE-2018-12547 CVSS Base Score: 9.8 DESCRIPTION: A widely used function in the OpenJ9 JVM is vulnerable to buffer overlows. Multiple Java Runtime...

Unbreakable Enterprise kernel security update

2.6.39-400.330.1 - mwifiex: Fix possible buffer overflows in mwifiexcmd80211adhocstart Zhang Xiaohui Orabug: 32349211 CVE-2020-36158 2.6.39-400.329.1 - Fonts: Support FONTEXTRAWORDS macros for built-in fonts Peilin Ye Orabug: 32176268 CVE-2020-28915 - fbdev, newportcon: Move FONTEXTRAWORDS macros...

Unbreakable Enterprise kernel security update

4.1.12-124.47.3 - sysctl: handle overflow in procgetlong Christian Brauner Orabug: 31588015 4.1.12-124.47.2 - mwifiex: Fix possible buffer overflows in mwifiexcmdappendvsietlv Qing Xu Orabug: 31350932 CVE-2020-12653 - lockd: don't use interval-based rebinding over TCP Calum Mackay Orabug: 3143570...

CTF-All-In-One

This is a comprehensive book on CTF Capture The Flag competitions, specifically focusing on the Pwn binary exploitation aspect. The book is written by Yang Chaofei, a member of L-Team, and is intended for beginners. It covers the basics of binary exploitation, including memory management, buffer...

dnsmasq < 2.83 Multiple Vulnerabilities (DNSPOOQ)

The version of dnsmasq installed on the remote host is prior to 2.83. It is, therefore, affected by multiple vulnerabilities: - Multiple remote buffer overflows in the DNSSEC implementation. CVE-2020-25681, CVE-2020-25682, CVE-2020-25683, CVE-2020-25687 - A UDP DNS cache poisoning vulnerability...

Dnsmasq < 2.83 Multiple Vulnerabilities (DNSpooq)

Dnsmasq is prone to multiple vulnerabilities dubbed Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...