Astra Linux - уязвимость в thunderbird

Thunderbird versions prior to 91.3.0 are vulnerable to a heap overflow vulnerability described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA ...

EulerOS 2.0 SP13 : golang (EulerOS-SA-2026-1240)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The Reader.ReadResponse function constructs a response string through repeated string concatenation of lines. When the number of lines in a respon...

Amazon Linux 2 : amazon-ecr-credential-helper, --advisory ALAS2DOCKER-2025-079 (ALASDOCKER-2025-079)

The version of amazon-ecr-credential-helper installed on the remote host is prior to 0.10.1-3. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2025-079 advisory. net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted value...

Important: libcap

Issue Overview: net/url: insufficient validation of bracketed IPv6 hostnames The Parse function permitted values other than IPv6 addresses to be included in square brackets within the host component of a URL. RFC 3986 permits IPv6 addresses to be included within the host component, enclosed withi...

Bitdefender Total Security 信任管理问题漏洞

Bitdefender Total Security is a proactive threat protection software for PCs from the Romanian company Bitdefender. The software features antivirus, firewall, anti-spyware, privacy control, and parental control. It also includes features such as System TuneUp. A trust management issue vulnerabili...

MGASA-2014-0119 Updated libssh package fixes security vulnerability

When using libssh before 0.6.3, a libssh-based server, when accepting a new connection, forks and the child process handles the request. The RANDbytes function of openssl doesn't reset its state after the fork, but simply adds the current process id getpid to the PRNG state, which is not guarante...

CentOS Update for bind CESA-2009:0020 centos3 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

VMSA-2009-0004 : ESX Service Console updates for openssl, bind, and vim

a. Updated OpenSSL package for the Service Console fixes a security issue. OpenSSL 0.9.7a-33.24 and earlier does not properly check the return value from the EVPVerifyFinal function, which could allow a remote attacker to bypass validation of the certificate chain via a malformed SSL/TLS signatur...

bind, caching security update

CentOS Errata and Security Advisory CESA-2009:0020 Updated Bind packages to correct a security issue are now available for Red Hat Enterprise Linux 2.1, 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. BIND Berkeley Internet Name...