10 matches found
RHEL 7 : bash (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - bash: when effective UID is not equal to its real UID the saved UID is not dropped CVE-2019-18276 - A...
PT-2024-14508 · Ibm · Ibm Db2
Name of the Vulnerable Software and Affected Versions: IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) version 11.5 Description: The issue is related to a denial of service condition that can occur when querying a specific UDF built-in function concurrently. Recommendations: For I...
Security Bulletin: IBM® Db2® is vulnerable to denial of service when querying a specific UDF built-in function concurrently (CVE-2023-52296)
Summary: IBM® Db2® is vulnerable to denial of service when querying a specific UDF built-in function concurrently. Vulnerability Details: CVEID: CVE-2023-52296 DESCRIPTION: IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service when querying a specific UDF...
PT-2024-40139 · Surrealdb · Surrealdb
Name of the Vulnerable Software and Affected Versions: SurrealDB versions prior to 1.2.0 Description: The issue occurs when a query containing a call to a nonexistent built-in SurrealDB function is executed, potentially causing a denial of service by crashing the server. This can happen when the...
EulerOS 2.0 SP3 : bash (EulerOS-SA-2021-1765)
According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment...
EulerOS Virtualization for ARM 64 3.0.2.0 : bash (EulerOS-SA-2019-1942)
According to the version of the bash package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A heap-based buffer overflow was discovered in bash when wide characters, not supported by the current locale set in LC_CTYPE...
EulerOS 2.0 SP5 : bash (EulerOS-SA-2019-1911)
According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A heap-based buffer overflow was discovered in bash when wide characters, not supported by the current locale set in LC_CTYPE environment variable, are...
Design/Logic Flaw
Apache VCL versions 2.1 through 2.5 do not properly validate form input when processing a submitted block allocation. The form data is then used as an argument to the PHP built-in function strtotime. This allows for an attack against the underlying implementation of that function. The...
CVE-2012-6711
A heap-based buffer overflow exists in GNU Bash before 4.3 when wide characters, not supported by the current locale set in the LC_CTYPE environment variable, are printed through the echo built-in function. A local attacker, who can provide data to print through the "echo -e" built-in function, ma...
CVE-2012-6711
CVE-2012-6711 describes a heap-based buffer overflow in GNU Bash prior to 4.3. When wide characters not supported by the current LC_CTYPE locale are printed via the echo builtin, ansicstr() mishandles u32cconv() in lib/sh/strtrans.c, potentially allowing a local attacker to crash a script or exec...