172 matches found
EulerOS 2.0 SP2 : gstreamer1-plugins-good (EulerOS-SA-2021-2377)
According to the version of the gstreamer1-plugins-good package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - GStreamer before 1.18.4 might access already-freed memory in error code paths when demuxing certain malformed Matroska...
EulerOS 2.0 SP2 : libwebp (EulerOS-SA-2021-2403)
According to the versions of the libwebp package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this...
EulerOS 2.0 SP2 : mutt (EulerOS-SA-2021-2409)
According to the version of the mutt package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - rfc822.c in Mutt through 2.0.4 allows remote attackers to cause a denial of service mailbox unavailability by sending email messages with sequences of...
EulerOS 2.0 SP2 : cpio (EulerOS-SA-2021-2362)
According to the version of the cpio package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The cpiosafernamesuffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service out-of-bounds write via a crafted cpio...
EulerOS 2.0 SP2 : evince (EulerOS-SA-2021-2366)
According to the version of the evince packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Evince 3.26.0 is affected by buffer overflow. The impact is: DOS / Possible code execution. The component is: backend/tiff/tiff-document.c. The...
EulerOS 2.0 SP2 : libmspack (EulerOS-SA-2021-2398)
According to the version of the libmspack package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathname...
EulerOS 2.0 SP2 : dhcp (EulerOS-SA-2021-2365)
According to the version of the dhcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in t...
EulerOS 2.0 SP2 : lz4 (EulerOS-SA-2021-2407)
According to the version of the lz4 package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to...
EulerOS 2.0 SP2 : python-cryptography (EulerOS-SA-2021-2428)
According to the version of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digestsize.CVE-2016-9243 Note...
EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2021-2389)
According to the versions of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Libraries. Supported versions that are affected...
EulerOS 2.0 SP2 : python-pillow (EulerOS-SA-2021-2432)
According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Pillow before 8.2.0. PSDImagePlugin.PsdImageFile lacked a sanity check on the number of input layers relative t...
EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2021-1367)
According to the version of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory.CVE-2020-8037 Note that Tenable Network Security has...
EulerOS 2.0 SP2 : oddjob (EulerOS-SA-2021-1334)
According to the version of the oddjob packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home...
EulerOS 2.0 SP2 : spamassassin (EulerOS-SA-2021-1360)
According to the versions of the spamassassin package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. The vulnerability arises with certain...
EulerOS 2.0 SP2 : spice (EulerOS-SA-2021-1361)
According to the version of the spice package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Bot...
EulerOS 2.0 SP2 : cups (EulerOS-SA-2021-1286)
According to the versions of the cups packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions.CVE-2018-4180 - In macOS...
EulerOS 2.0 SP2 : pcp (EulerOS-SA-2021-1341)
According to the versions of the pcp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE...
EulerOS 2.0 SP2 : nss (EulerOS-SA-2021-1333)
According to the versions of the nss packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of...
EulerOS 2.0 SP2 : python-reportlab (EulerOS-SA-2021-1354)
According to the version of the python-reportlab package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document wi...
EulerOS 2.0 SP2 : gnome-keyring (EulerOS-SA-2021-1300)
According to the version of the gnome-keyring packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM...