1130 matches found
GSD-2023-1000775 selftests/bpf: Fix xdp_synproxy compilation failure in 32-bit arch
selftests/bpf: Fix xdpsynproxy compilation failure in 32-bit arch This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.16 by commit...
GSD-2023-1000215 netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark
netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.159 by comm...
GSD-2023-1000137 netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark
netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.83 by commi...
GSD-2023-1000033 netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark
netfilter: ctnetlink: fix compilation warning after data race fixes in ct mark This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.13 by commit...
[SECURITY] Fedora 37 Update: pypy3.8-7.3.11-1.3.8.fc37
PyPy's implementation of Python 3.8, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...
EulerOS 2.0 SP10 : gcc (EulerOS-SA-2022-2821)
According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In gcc, an internal compiler error in matchreload function at lra-constraints.c may cause a crash through a crafted input file. CVE-2020-35536 - In...
Unbreakable Enterprise kernel-container security update
4.14.35-2047.520.3.1.el7 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34883027 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34883027 CVE-2022-4378 - hugetlbfs: don't delete error page from pagecache James...
Updated java packages fix security vulnerability
Class compilation issue. CVE-2022-21540 Improper restriction of MethodHandle.invokeBasic. CVE-2022-21541 Integer truncation issue in Xalan-J. CVE-2022-34169 Improper MultiByte conversion can lead to buffer overflow. CVE-2022-21618 Improper handling of long NTLM client hostnames. CVE-2022-21619...
Spring Tips: the road to Spring Framework 6: the new Ahead-of-Time Compilation Engine and GraalVM
Hi, Spring fans! Spring Boot 3 is here or will be tomorrow, on the 24th of November, 2022, to be more precise!, bringing a fantastic new Ahead-of-Time AOT compilation engine that supports GraalVM native images. Join me, and well dive deep into the engine and its interactions with the Spring...
EulerOS 2.0 SP9 : gcc (EulerOS-SA-2022-2729)
According to the versions of the gcc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In gcc, an internal compiler error in matchreload function at lra-constraints.c may cause a crash through a crafted input file. CVE-2020-35536 - In...
MGASA-2022-0417 Updated pcre packages fix security vulnerability
An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in...
CVE-2021-42777
Stimulsoft aka Stimulsoft Reports 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C code on any machine that renders a report, including the application server or a user's local machine, as demonstrated by System.Diagnostics.Process.Start...
CVE-2021-42777
Stimulsoft aka Stimulsoft Reports 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C code on any machine that renders a report, including the application server or a user's local machine, as demonstrated by System.Diagnostics.Process.Start...
Code injection
Stimulsoft aka Stimulsoft Reports 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C code on any machine that renders a report, including the application server or a user's local machine, as demonstrated by System.Diagnostics.Process.Start...
CVE-2021-42777
Stimulsoft aka Stimulsoft Reports 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C code on any machine that renders a report, including the application server or a user's local machine, as demonstrated by System.Diagnostics.Process.Start...
CVE-2021-42777
Stimulsoft aka Stimulsoft Reports 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C code on any machine that renders a report, including the application server or a user's local machine, as demonstrated by System.Diagnostics.Process.Start...
CVE-2021-42777
CVE-2021-42777 affects Stimulsoft (Stimulsoft Reports) version 2013.1.1600.0; when Compilation Mode is enabled, it allows an attacker to execute arbitrary C# code on any machine rendering a report (server or client) via System.Diagnostics.Process.Start. The vulnerability is a code-execution risk ...
PT-2022-11683 · Stimulsoft · Stimulsoft Reports
Name of the Vulnerable Software and Affected Versions: Stimulsoft aka Stimulsoft Reports version 2013.1.1600.0 Description: The issue allows an attacker to execute arbitrary C code on any machine that renders a report, including the application server or a user's local machine. This is demonstrat...
[SECURITY] Fedora 35 Update: pypy3.7-7.3.9-4.3.7.fc35
PyPy's implementation of Python 3.7, featuring a Just-In-Time compiler on some CPU architectures, and various optimized implementations of the standard types strings, dictionaries, etc.. This build of PyPy has JIT-compilation enabled...
Fedora: Security Advisory for pypy3.9 (FEDORA-2022-4ac2e16969)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...