[SECURITY] Fedora 38 Update: cockpit-311.2-1.fc38

The Cockpit Web Console enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : GNU C Library vulnerability (USN-6737-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6737-1 advisory. Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to...

Slackware Linux 15.0 / current aaa_glibc-solibs Vulnerability (SSA:2024-109-01)

The version of aaaglibc-solibs installed on the remote host is prior to 2.33 / 2.39. It is, therefore, affected by a vulnerability as referenced in the SSA:2024-109-01 advisory. - The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to ...

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

DEBIAN-CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

CVE-2024-2961

CVE-2024-2961 affects the GNU C Library (glibc) versions 2.39 and older. The iconv() implementation may overflow the output buffer by up to 4 bytes when converting strings to ISO-2022-CN-EXT, potentially crashing the application or overwriting adjacent memory. Publicly documented in glibc advisor...

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

GNU C Library 安全漏洞

GNU C Library is an open source, free C compiler released under the LGPL license. GNU C Library suffers from a buffer overflow vulnerability that originates from a boundary error in the iconv function when handling untrusted input. An attacker could exploit the vulnerability to cause the...

Exploit for Improper Input Validation in Paloaltonetworks Pan-Os

This repo contains a script to set up the safe environment for e...

CVE-2024-29399

An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component...

CVE-2024-29399

An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component...

CVE-2024-29399

An issue was discovered in GNU Savane v.3.13 and before, allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the upload.php component...

PT-2024-22879 · Gnu · Gnu Savane

Name of the Vulnerable Software and Affected Versions: GNU Savane versions 3.13 and earlier Description: An issue allows a remote attacker to execute arbitrary code and escalate privileges via a crafted file to the "upload.php" component. Recommendations: For GNU Savane versions 3.13 and earlier,...

GNU Savane 安全漏洞

GNU Savane is a collaborative software development management system for the US GNU community. A security vulnerability exists in GNU Savane v.3.13 and earlier versions, which stems from a vulnerability that could allow a remote attacker to execute arbitrary code and escalate privileges via a...

Moderate: gnutls security update

The gnutls package provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. This package update fixes a timing side-channel in deterministic ECDSA. Security Fixes: gnutls: vulnerable to Minerva side-channel...

GNU Savane Cross-Site Request Forgery Vulnerability

GNU Savane is a collaborative software development management system for the US GNU community. GNU Savane suffers from a cross-site request forgery vulnerability that arises from a WEB application that does not adequately verify that a request is from a trusted user. No details of the vulnerabili...

GNU Savane Insecure Direct Object Reference Vulnerability

GNU Savane is a collaborative software development management system for project management, code hosting and community collaboration. GNU Savane suffers from an insecure direct object reference vulnerability that arises from an application that does not properly implement access control mechanis...