SUSE CVE-2024-0553

A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange,...

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...

Security Bulletin: Multiple security vulnerabilities affect IBM Robotic Process Automation for Cloud Pak.

Summary Unbound is used by IBM Robotic Process Automation for Cloud Pak as part of antivirus functionality. CVE-2019-25033. ISC BIND is used by IBM Robotic Process Automation for Cloud Pak as part of Watson NLP. CVE-2022-3094. GNU Binutils is used by IBM Robotic Process Automation for Cloud Pak a...

GnuTLS Security Vulnerabilities

GnuTLS is a free secure communications library for implementing the SSL, TLS and DTLS protocols. A security vulnerability exists in GnuTLS, which stems from a difference in response time for ciphertexts that are formatted incorrectly versus ciphertexts that are correctly padded, which could allow...

EulerOS 2.0 SP11 : screen (EulerOS-SA-2023-2667)

According to the versions of the screen package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users...

EulerOS Virtualization 3.0.6.6 : emacs (EulerOS-SA-2023-3397)

According to the versions of the emacs packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...

EulerOS 2.0 SP8 : emacs (EulerOS-SA-2023-3124)

According to the versions of the emacs packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c...

EulerOS Virtualization 3.0.6.0 : emacs (EulerOS-SA-2023-3428)

According to the versions of the emacs packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...

EulerOS Virtualization 2.11.0 : emacs (EulerOS-SA-2023-2752)

According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a...

EulerOS 2.0 SP9 : glibc (EulerOS-SA-2023-3330)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an...

EulerOS Virtualization 2.11.1 : emacs (EulerOS-SA-2023-2721)

According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a...

EulerOS 2.0 SP11 : emacs (EulerOS-SA-2023-2639)

According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or...

EulerOS 2.0 SP11 : emacs (EulerOS-SA-2023-2681)

According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or...

EulerOS Virtualization 2.9.0 : binutils (EulerOS-SA-2024-1003)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function...

EulerOS 2.0 SP11 : binutils (EulerOS-SA-2023-3024)

According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangletype in rust-demangle.c...

EulerOS Virtualization 2.11.0 : binutils (EulerOS-SA-2023-3373)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangletype in...

EulerOS Virtualization 2.11.1 : binutils (EulerOS-SA-2023-3354)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangletype in...

EulerOS 2.0 SP11 : binutils (EulerOS-SA-2023-3001)

According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangletype in rust-demangle.c...

USN-6581-1: GNU binutils vulnerabilities

It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. CVE-2022-44840, CVE-2022-45703...

Security Bulletin: IBM Automation Decision Services December 2023 - Multiple CVEs addressed

Summary IBM Automation Decision Services is vulnerable to denial of service attacks in third party and open source used in the product for various functions. See full list below. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-32681 DESCRIPTION: python-requests could...