Debian dla-3681 : amanda-client - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3681 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3681-1 [email protected]...

The vulnerability of the distributed file system of the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the distributed file system in the Windows operating system is related to insufficient checking of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Buffer Overflow

Vim is vulnerable to Buffer Overflow. The vulnerability is due to an improper bound checking while parsing relative ex addresses. This issue can be exploited by an attacker to cause a buffer overflow leading to DoS...

Integer Overflow

Vim is vulnerable to Integer Overflow Vulnerability. The vulnerability is due to improper bound checking while using z= command. The attacker can trigger a crash by entering a number larger than MAXINT, which leads to DoS...

PT-2023-30340 · Unknown · Mattermost

Name of the Vulnerable Software and Affected Versions: Mattermost affected versions not specified Description: The issue arises from Mattermost's failure to properly check a redirect URL parameter, allowing for an open redirect. This occurs when a user clicks "Back to Mattermost" after providing ...

Heap Buffer Overflow

ibminizip-ng.so is vulnerable to Heap Buffer Overflow. The vulnerability is due to the mzpathresolve function in mzos.c because there is no boundary checking during the backward search for slashes in the path resolution function. This allows an attacker to craft a file with a specially structured...

SUSE SLES12: libopenssl-1_1-devel / libopenssl-1_1-devel-32bit / libopenssl1_1 / etc (SUSE-SU-2023:4521-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4521-1 advisory. - CVE-2023-5678: Fixed generating and checking of excessively long X9.42 DH keys that resulted in a possible Denial of Service bsc1216922...

CBL Mariner 2.0 Security Update: kernel (CVE-2023-46813)

The version of kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-46813 advisory. - An issue was discovered in the Linux kernel before 6.5.9, exploitable by local users with userspace access t...

PT-2023-30672 · Liblisp · Liblisp

Name of the Vulnerable Software and Affected Versions: Liblisp versions through commit 4c65969 Description: The issue is related to an out-of-bounds-read vulnerability in the get length function, which is located in the eval.c file and operates on lisp cell t objects. This vulnerability can be...

[SECURITY] Fedora 38 Update: roundcubemail-1.6.5-1.fc38

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

[SECURITY] Fedora 37 Update: roundcubemail-1.6.5-1.fc37

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

CVE-2021-46748

Insufficient bounds checking in the ASP AMD Secure Processor may allow an attacker to access memory outside the bounds of what is permissible to a TA Trusted Application resulting in a potential denial of service...

Out-of-bounds

Insufficient bounds checking in the ASP AMD Secure Processor may allow an attacker to access memory outside the bounds of what is permissible to a TA Trusted Application resulting in a potential denial of service...

CVE-2021-46748

CVE-2021-46748 involves insufficient bounds checking in the AMD Secure Processor (ASP), potentially allowing a local attacker to access memory outside the bounds allowed to a Trusted Application, causing a denial of service. Connected sources confirm impact on AMD graphics components and ASP inte...

CVE-2021-46748

Insufficient bounds checking in the ASP AMD Secure Processor may allow an attacker to access memory outside the bounds of what is permissible to a TA Trusted Application resulting in a potential denial of service...

kernel: net: atlantic: fix aq_vec index out of range error

A vulnerability was found in the Linux kernel's Aquantia Atlantic driver, where a lack of proper bounds checking during loop indexing can lead to an out-of-bounds access. This can lead to undefined system behavior and a denial of service...

AMD Graphics Driver Vulnerabilities – November 2023

Bulletin ID: AMD-SB-6003 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary AMD received reports of vulnerabilities potentially affecting some AMD Graphics products. Refer to the CVE Details section for information about each CVE. CVE...

Intel® Core™ Processors with Radeon™ RX Vega M Graphics  Advisory

Summary: Potential security vulnerabilities in some Intel® Core™ processors with Radeon™ RX Vega M integrated graphics may allow escalation of privilege, denial of service or information disclosure. Intel and AMD are releasing driver updates to mitigate these potential vulnerabilities...

TONGDA Office Anywhere Security Breach

TONGDA Office Anywhere is a collaborative office OA system. A security vulnerability exists in TONGDA Office Anywhere 2017 11.9 and earlier versions, which originates from a SQL injection vulnerability in the file general/vehicle/checking/delete.php...

curl security update

7.76.1-26 - unify the upload/method handling CVE-2023-28322 - fix host name wildcard checking CVE-2023-28321 7.76.1-25 - adapt the fix of CVE-2023-27535 for RHEL 9 curl 7.76.1-24 - fix SSH connection too eager reuse still CVE-2023-27538 - fix GSS delegation too eager connection re-use...