SUSE CVE-2021-46019

An untrusted pointer dereference in recdbdestroy at rec-db.c of GNU Recutils v1.8.90 can lead to a segmentation fault or application crash...

The vulnerability of the NSCCD server caching daemon in the GNU C Library allows a attacker to cause a service failure.

The vulnerability of the NSCCD daemon, a caching service for system names in the GNU C Library, involves returning a pointer beyond the expected range. Exploiting this vulnerability could allow an attacker to cause a service failure...

RHEL 4 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - binutils: Address violation in aarch64extldstreglist function when disassembling corrupt aarch64 binary...

RHEL 6 : mailman (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mailman: CSRF token bypass allows to perform CSRF attacks and account takeover CVE-2021-42097 - mailman:...

RHEL 5 : emacs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - emacs: command injection flaw within enriched mode handling CVE-2017-14482 - GNU Emacs version 25.3.1 and...

RHEL 6 : libtasn1 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtasn1: Stack-based buffer overflow in asn1findnode CVE-2017-6891 - The asn1extractderoctet function in...

RHEL 5 : patch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - patch: OS shell command injection when processing crafted patch files CVE-2019-13638 - An issue was...

RHEL 6 : emacs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - emacs: command injection flaw within enriched mode handling CVE-2017-14482 - emacs: command execution via...

RHEL 5 : gdb (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gdb: buffer overflow while opening an ELF for debugging leads to Dos, information dislosure and code...

RHEL 7 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - binutils: heap-based buffer overflow in finishstab in stabs.c CVE-2018-12699 - The bfdvmssavesizedstring...

RHEL 5 : binutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - binutils: heap-based buffer overflow in finishstab in stabs.c CVE-2018-12699 - The bfdvmssavesizedstring...

glibc: netgroup cache may terminate daemon on memory allocation failure

A flaw was found in the glibc netgroup cache. The netgroup cache uses xmalloc/xrealloc and may terminate the process due to a memory allocation failure...

glibc: Out of bounds write in iconv may lead to remote code execution

An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of...

glibc: null pointer dereferences after failed netgroup cache insertion

A flaw was found in the glibc netgroup cache. After a failed cache insertion, addgetnetgrentX tries to send the non-existing response after the not-found header. This can lead to a null pointer dereference that causes a crash or exit...

Oracle Linux 8 : glibc (ELSA-2024-2722)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-2722 advisory. 2.28-236.0.1.13 - Forward port of Oracle patches. Reviewed-by: Jose E. Marchesi Tenable has extracted the preceding description block directly from the Oracle...

AlmaLinux 8 : glibc (ALSA-2024:2722)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:2722 advisory. - The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the...

The vulnerability of the NSCCD server caching service in the GNU C Library allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the NSCCD daemon, a caching service for system names in the GNU C Library, is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to compromise the confidentiality, integrity, and accessibility of the protected...

SUSE: Security Advisory (SUSE-SU-2024:1548-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the NSCCD server caching daemon in the GNU C Library allows a attacker to cause a service failure.

The vulnerability of the NSCCD daemon, a caching service for system names in the GNU C Library, relates to the assignment of zero pointers. Exploiting this vulnerability could allow an attacker, operating remotely, to cause service failures...

glibc: Out of bounds write in iconv may lead to remote code execution

An out-of-bounds write flaw was found in the ISO-2022-CN-EXT plugin for glibc's iconv library. When converting from UCS4 charset, adding certain escape charterers is required to indicate where the charset was changed to the library. During this process, iconv improperly checks the boundaries of...