WordPress Migration, Backup, Staging - WPvivid Plugin <= 0.9.74 PHAR Deserialization Vulnerability
The WordPress plugin Migration, Backup, Staging - WPvivid is prone to an authenticated PHAR deserialization vulnerability. Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders...
NodeBB < 1.17.2 Account Takeover Vulnerability
NodeBB is prone to an account takeover vulnerability via SSO plugins.
Fedora: Security Advisory for protobuf-c (FEDORA-2022-3be472fe11)
The remote host is missing an update for the...
openSUSE: Security Advisory for gimp (SUSE-SU-2022:3107-1)
The remote host is missing an update for the...
GLSA-202209-01 : GNU Gzip, XZ Utils: Arbitrary file write
The remote host is affected by the vulnerability described in GLSA-202209-01 (GNU Gzip, XZ Utils: Arbitrary file write). - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can...
Amazon Linux 2022 : gzip, xz, xz-devel (ALAS2022-2022-058)
It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-058 advisory. An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's...
Fedora: Security Advisory for libtar (FEDORA-2022-fe1a4e3cf0)
The remote host is missing an update for the...
GNU PSPP Buffer Error Vulnerability
GNU PSPP is an application for data sampling, statistics and analysis. A security vulnerability exists in GNU PSPP version 1.6.2, which stems from a heap-based buffer overflow in the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service...
[SECURITY] Fedora 35 Update: libtar-1.2.20-25.fc35
libtar is a C library for manipulating tar archives. It supports both the strict POSIX tar format and many of the commonly-used GNU extensions...
[SECURITY] Fedora 36 Update: libtar-1.2.20-25.fc36
libtar is a C library for manipulating tar archives. It supports both the strict POSIX tar format and many of the commonly-used GNU extensions...
In GNU Binutils before 2.40 there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file.
...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.19.1.5)
The version of AOS installed on the remote host is prior to 5.19.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.19.1.5 advisory. - Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regul...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.16)
The version of AOS installed on the remote host is prior to 5.16. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.16 advisory. - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get code...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.11.2)
The version of AOS installed on the remote host is prior to 5.11.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.11.2 advisory. - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.10.9)
The version of AOS installed on the remote host is prior to 5.10.9. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.10.9 advisory. - Gnome Pango 1.42 and later is affected by: Buffer Overflow. The impact is: The heap based buffer overflow can be used to get...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.15.7)
The version of AOS installed on the remote host is prior to 5.15.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.15.7 advisory. - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.15.5.5)
The version of AOS installed on the remote host is prior to 5.15.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.15.5.5 advisory. - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write access and...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20201105.2030)
The version of AHV installed on the remote host is prior to 20201105.2030. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20201105.2030 advisory. - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service (invalid write acces...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20201105.1082)
The version of AHV installed on the remote host is prior to 20201105.1082. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20201105.1082 advisory. - Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A...
CVE-2022-1271
An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation...