Fedora: Security Advisory for bash (FEDORA-2022-4ff296fe8e)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: bash-5.1.16-3.fc36

The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporates useful features from the Korn shell ksh and the C shell csh. Most sh scripts can be run by bash without modification...

Fedora: Security Advisory for bash (FEDORA-2022-bf387ff344)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the `glob` function in the `glob.c` component of the GNU C Library allows a attacker to cause a service failure.

The vulnerability of the glob function in the glob.c component of the GNU C Library is related to the failure to release resources after their useful period has ended. Exploiting this vulnerability allows an attacker who operates remotely to cause service interruptions...

openSUSE: Security Advisory for dpdk (SUSE-SU-2022:3430-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

The vulnerabilities of the `fillin_rpath` and `decompose_rpath` functions in the GNU C Library allow attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the fillinrpath and decomposerpath functions in the GNU C Library’s system library is related to an unreliable search path. Exploiting this vulnerability allows a remote attacker to access confidential data, compromise its integrity, and cause service failures...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20201105.2298)

The version of AHV installed on the remote host is prior to 20201105.2298. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20201105.2298 advisory. - zlib before 1.2.12 allows memory corruption when deflating i.e., when compressing if the input has many distant...

Huawei EulerOS: Security Advisory for xz (EulerOS-SA-2022-2370)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GRUB: Multiple Vulnerabilities

Background GNU GRUB is a multiboot boot loader used by most Linux systems. Description Multiple vulnerabilities have been discovered in GRUB. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no kno...

Fedora: Security Advisory for bind-dyndb-ldap (FEDORA-2022-ef038365de)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

EulerOS Virtualization 2.9.1 : xz (EulerOS-SA-2022-2370)

According to the versions of the xz packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name...

OESA-2022-1931 mailman security update

Mailman is free software for managing electronic mail discussion and e-newsletter lists. Mailman is integrated with the web, making it easy for users to manage their accounts and for list owners to administer their lists. Mailman supports built-in archiving, automatic bounce processing, content...

The vulnerability of the LD_LIBRARY_PATH environment variable allows a hacker to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the LDLIBRARYPATH environment variable in the GNU C Library is related to operations that go beyond the buffer boundaries in memory. Exploiting this vulnerability allows an attacker to access confidential data, compromise its integrity, and cause service failures...

EulerOS Virtualization 2.9.0 : xz (EulerOS-SA-2022-2406)

According to the versions of the xz packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name...

gpg: Signature spoofing via status line injection

A vulnerability was found in GnuPG. This issue occurs due to an escape detection loop at the writestatustextandbuffer function in g10/cpr.c. This flaw allows a malicious actor to bypass access control...

Moderate: Red Hat Security Advisory: gnupg2 security update

An update for gnupg2 is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

RLSA-2022:6602 Moderate: gnupg2 security update

The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fixes: gpg: Signature spoofing via status line injection CVE-2022-34903 For more details about the security issues, including the impact, a CVSS...

conntrack-tools bug fix and enhancement update

An update is available for conntrack-tools. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The conntrack-tools packages enable the user to set up a High...

ALSA-2022:6602 Moderate: gnupg2 security update

The GNU Privacy Guard GnuPG or GPG is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards. Security Fixes: gpg: Signature spoofing via status line injection CVE-2022-34903 For more details about the security issues, including the impact, a CVSS...

F5 Networks BIG-IP : GNU C Library vulnerability (K64119434)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K64119434 advisory. In the GNU C Library aka glibc or libc6 before 2.28, parseregexp in posix/regcomp.c misparses alternatives, which allows...