Security update for aide (important)

openSUSE Security Update: Security update for aide Announcement ID: openSUSE-SU-2022:0150-2 Rating: important References: 1194735 Cross-References: CVE-2021-45417 CVSS scores: CVE-2021-45417 SUSE: 7 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.4 An update that...

CVE-2022-0522 Access of Memory Location Before Start of Buffer in radareorg/radare2

Access of Memory Location Before Start of Buffer in NPM radare2.js prior to 5.6.2...

SUSE: Security Advisory (SUSE-SU-2022:14879-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:0150-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2022:0145-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2022:0145-1 Security update for aide

This update for aide fixes the following issues: - CVE-2021-45417: Fix a bufferoverflow in base64 functions bsc1194735...

Grandstream GXV3175 Unauthenticated Command Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Grandstream GXV3175 'settimezone' Unauthenticated Command Execution", 'Description' = %q This module exploits a command injection vulnerability i...

CVE-2021-32286

An issue was discovered in hcxtools through 6.1.6. A global-buffer-overflow exists in the function pcapngoptionwalk located in hcxpcapngtool.c. It allows an attacker to cause code Execution...

Denial Of Service (DoS)

apache2 is vulnerable to denial of service. apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may...

CVE-2020-21548

Libsixel 1.8.3 contains a heap-based buffer overflow in the sixelencodehighcolor function in tosixel.c...

CVE-2021-38371

The STARTTLS feature in Exim through 4.94.2 allows response injection buffering during MTA SMTP sending...

GSD-2021-1001237 KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow

KVM: PPC: Book3S: Fix HRTAS rets buffer overflow This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.54 by commit...

CVE-2021-32761

Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer overflow exists starting with version 2.2 and prior to versions 5.0.13, 6.0.15, and 6.2.5. On 32-bit systems, Redis BIT command are vulnerable to integer overflow that...

CVE-2021-27039

A maliciously crafted TIFF and PCX file can be forced to read and write beyond allocated boundaries when parsing the TIFF and PCX file for based overflow. This vulnerability can be exploited to execute arbitrary code...

SUSE: Security Advisory (SUSE-SU-2013:0049-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:2386-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:2385-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Notepad Notes 2.6.7 Denial Of Service

Exploit Title: Notepad notes 2.6.7 - Denial of Service PoC Date: 2021-06-02 Author: Brian Rodríguez Download Link: https://play.google.com/store/apps/details?id=com.hlcsdev.x.notepad&hl=esMX Version: 2.6.7 Category: DoS Android Vulnerability Bloc de notas is vulnerable to a DoS condition when a...

iDailyDiary 4.30 - Denial of Service Exploit

Exploit Title: iDailyDiary 4.30 - Denial of Service PoC Exploit Author: Ismael Nava Vendor Homepage: https://www.splinterware.com/index.html Software Link: https://www.splinterware.com/download/iddfree.exe Version: 4.30 Tested on: Windows 10 Home x64 STEPS Open the program iDailyDiary Create a Ne...

CVE-2021-31870

An issue was discovered in klibc before 2.0.9. Multiplication in the calloc function may result in an integer overflow and a subsequent heap buffer overflow...