gcc-toolset-12-gcc bug fix update

An update is available for gcc-toolset-12-gcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset 12 is a compiler toolset that provides recent versions...

Fedora: Security Advisory for upx (FEDORA-2023-89fdc22ace)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Exploit for Out-of-bounds Write in Gnu Binutils

PoC exploit for CVE-2021-20294, a vulnerability in a specific pr...

Fedora: Security Advisory for php (FEDORA-2023-2dc2d607ba)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library (CVE-2021-3999)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library CVE-2021-3999. This is included as part of the base-image used in our Speech-to-Text and Text-to-Speech service components. Please see below for details on how...

Security Bulletin: A vulnerability with GNU wget affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2016-4971)

Summary A vulnerability with GNU wget affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2016-4971. Please see below for details on how to remediate this issue. Vulnerability Details CVEID:CVE-2016-4971 DESCRIPTION: GNU wget could allow a remote attacker to traverse...

Security Bulletin: A vulnerability in GNU Tar affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2019-9923)

Summary A vulnerability in GNU Tar affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2019-9923. Please see the steps below to remediate this issue. Vulnerability Details CVEID:CVE-2019-9923 DESCRIPTION: GNU Tar is vulnerable to a denial of service, caused by a NULL point...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in GNU C Library (CVE-2019-19126)

Summary Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in GNU C Library, caused by failing to ignore the LDPREFERMAP32BITEXEC environment variable during program execution. CVE-2019-19126. GNU C Library is used as...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU Tar (CVE-2019-9923).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU Tar, caused by a NULL point dereference in the paxdecodeheader in sparse.c CVE-2019-9923. A remote attacker could exploit this vulnerability to cause the application to crash. GNU T...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU glibc (CVE-2020-1751).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU glibc, caused by an out-of-bounds write when handling signal trampolines on PowerPC CVE-2020-1751. GNU glibc is used as part of the base image included in our service components...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU glibc (CVE-2020-1752)

Summary BM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU glibc, through the execution of arbitrary code on the system, caused by a use-after-free CVE-2020-1752. GNU glibc is used as part of the base image included in our service components...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU C Library ( CVE-2020-10029)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU C Library, caused by a stack-based overflow during range reduction CVE-2020-10029. GNU C Library is used as part of the base image included in our service components. Please read th...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in GNU Gzip (CVE-2022-1271)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in GNU Gzip caused by improper validation of file name by the zgrep utility CVE-2022-1271. GNU Gzip and the zgrep utility are used as part of the base image included in our service component...

Security Bulletin: glibc Vulnerability affects Watson Speech Services

Summary A Redhat glibc Vulnerability affecting Watson Speech Services has been fixed in the latest version of IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.3 Vulnerability Details CVEID:CVE-2021-35942 DESCRIPTION: GNU C Library aka glibc could allow a local attacker to obtai...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information disclosure or denial of service in GNU glibc (CVE-2021-35942).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information disclosure and denial of service in GNU glibc, caused by a flaw when called with an untrusted, crafted pattern in thewordexp function. CVE-2021-35942. GNU glibc is used as part of the base image...

Security Bulletin: A vulnerability with GNU Wget affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2018-0494)

Summary A vulnerability with GNU Wget affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2018-0494. Please see the details below on how to remediate this issue. Vulnerability Details CVEID:CVE-2018-0494 DESCRIPTION: GNU Wget could allow a remote attacker to bypass securit...

Security Bulletin: A vulnerability in 'GNU Wget' affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2018-20483)

Summary A vulnerability in 'GNU Wget' affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2018-20483. Please see the details below on how to remediate this issue. Vulnerability Details CVEID:CVE-2018-20483 DESCRIPTION: GNU Wget could allow a local authenticated attacker to...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to stack-based buffer overflow in GNU C Library (CVE-2022-23219)

Summary Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to stack-based buffer overflow in GNU C Library CVE-2022-23219. This is included as part of the base-image used in our Speech-to-Text and Text-to-Speech service components. Please see below fo...

AZL-13005 CVE-2022-3515 affecting package gnupg2 for versions less than 2.4.0-1

A vulnerability was found in the Libksba library due to an integer overflow within the CRL parser. The vulnerability can be exploited remotely for code execution on the target system by passing specially crafted data to the application, for example, a malicious S/MIME attachment...

Debian DSA-5314-1 : emacs - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5314 advisory. It was discovered that missing input sanitising in the ctags functionality of Emacs may result in the execution of arbitrary shell commands. For the stable distribution...