Moderate: Red Hat Security Advisory: libmicrohttpd security update
An update for libmicrohttpd is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
glibc buffer error vulnerability
glibc (GNU C Library) is the C standard library implemented by the GNU Project. A security vulnerability exists in glibc 2.37 and earlier versions, which stems from the presence of a heap-based buffer overflow that can cause an application to crash...
RHEL 8 : libmicrohttpd (RHSA-2024:0584)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0584 advisory. GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote...
glibc buffer error vulnerability
glibc (GNU C Library) is the C standard library implemented by the GNU Project. A security vulnerability exists in glibc 2.37 and earlier versions, which stems from the presence of an integer overflow that can be exploited by an attacker to cause the size of the buffer in which a message is stored ...
PT-2024-1611 · Glibc +1
Name of the Vulnerable Software and Affected Versions: glibc versions 2.37 and newer Description: The issue is related to an off-by-one heap-based buffer overflow in the vsyslog internal function of the glibc library. This function is called by the syslog and vsyslog functions. The overflow occur...
EulerOS 2.0 SP11 : gdb (EulerOS-SA-2024-1104)
According to the versions of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym at /gdb/coff-pe-read.c...
GNU indent buffer error vulnerability
GNU indent is a utility program of the American GNU community that has existed since the Unix era. It can reindent C and C++ code in a user-defined programming style. GNU indent suffers from a buffer overflow vulnerability that stems from a heap-based buffer overflow contained in...
The vulnerability of the GnuTLS cryptographic library, related to errors in verifying the cryptographic signature, allows a perpetrator to trigger a service failure.
The vulnerability of the transport-layer cryptographic library GnuTLS is related to errors in verifying the cryptographic signature. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service failures...
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2023-4806, CVE-2023-4155, CVE-2023-4527)
Summary IBM Security Guardium has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2023-4806 DESCRIPTION: GNU glibc is vulnerable to a denial of service, caused by a use-after-free flaw in the getaddrinfo function. By sending a specially crafted request, a remote...
GOCR: Multiple Vulnerabilities
Background GOCR is an OCR (Optical Character Recognition) program, developed under the GNU Public License. It converts scanned images of text back to text files. Description Multiple vulnerabilities have been discovered in GOCR. Please review the CVE identifiers referenced below for details. Impact...
[SECURITY] Fedora 39 Update: coreutils-9.3-5.fc39
These are the GNU core utilities. This package is the combination of the old GNU fileutils, sh-utils, and textutils packages...
Fedora: Security Advisory (FEDORA-2024-6b85e8848f)
The remote host is missing an update for the...
Exploit for Heap-based Buffer Overflow in Gnu Glibc
GNU C Library's Dynamic Loader Vulnerability CVE-2023-4911...
SUSE CVE-2024-0684
A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split function, potentially leading to an application crash and denial of service...
Firefox 121 / Chrome 120 Denial Of Service
Minor firefox DoS - semi silently polluting /Downloads with files part 2 Tested on: firefox 121 and chrome 120 on GNU/linux Date: Thu Jan 18 08:38:28 AM UTC 2024 This is barely a DoS, but since it might affect Chrome too we decided to disclose it. If firefox user visits a specially crafted page,...
CVE-2024-0684
A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split function, potentially leading to an application crash and denial of service. Mitigation Mitigation for this issue is either not...
GNU coreutils buffer error vulnerability
Gnu Coreutils is a core toolset of the GNU community. Gnu Coreutils suffers from a buffer overflow vulnerability that stems from the presence of a heap overflow, which can be exploited by an attacker to cause an application crash and denial of service...
PT-2024-1284
Name of the Vulnerable Software and Affected Versions: GNU coreutils versions affected versions not specified Description: A flaw was found in the GNU coreutils "split" program. A heap overflow with user-controlled data of multiple hundred bytes in length could occur in the line_bytes_split...
Fedora: Security Advisory (FEDORA-2024-1ef6197a49)
The remote host is missing an update for the...
Fedora: Security Advisory for exim (FEDORA-2024-e0841c83bb)
The remote host is missing an update for the...