16973 matches found
UBUNTU-CVE-2021-33646
The thread function doesn’t free a variable t-thbuf.gnulongname after allocating memory, which may cause a memory leak...
UBUNTU-CVE-2021-33643
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read...
openEuler 缓冲区错误漏洞
openEuler is an operating system from the Open Atomics Open Source Foundation. Open Atomics Open Source Foundation A security vulnerability exists in versions 20.03-LTS-SP1, 20.03-LTS-SP3, and 22.03-LTS of openEuler, which stems from the fact that an attacker who submits a specially crafted tar...
openEuler 安全漏洞
openEuler is an operating system from the Open Atomics Open Source Foundation. A security vulnerability exists in versions 20.03-LTS-SP1, 20.03-LTS-SP3, and 22.03-LTS of openEuler, which stems from the thread function not freeing the variable t-thbuf.gnulonglink after allocating memory, which cou...
PT-2022-10277 · Alt Linux +7 · Alt Linux +7
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger a call to malloc0 for a variable gnu longname,...
openSUSE: Security Advisory for harfbuzz (SUSE-SU-2022:2663-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for harfbuzz (SUSE-SU-2022:2664-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
PT-2022-10276
Name of the Vulnerable Software and Affected Versions No specific software or versions are mentioned in the provided descriptions. Description The issue allows an attacker to trigger an out-of-bounds read by submitting a crafted tar file with a size of 0 in the header struct. This can cause the...
openSUSE: Security Advisory for pcre2 (SUSE-SU-2022:2649-1)
The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
'/../WEB-INF/' Information Disclosure Vulnerability (HTTP)
Various application or web servers / products are prone to an information disclosure vulnerability. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
Design/Logic Flaw
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for admin:ServerUpdate can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow...
Security Bulletin: IBM Sterling Connect:Direct for UNIX Certified Container is affected by arbitrary code executiondue to GNU cpio (CVE-2021-38185)
Summary IBM Sterling Connect:Direct for UNIX Certified Container required cpio to be bundled with container image for application installation. This fix removes cpio package from container image as its not required now. Vulnerability Details CVEID:CVE-2021-38185 DESCRIPTION: GNU cpio could allow ...
Fedora: Security Advisory for golang-starlark (FEDORA-2022-5038c3236c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-35919 Authenticated requests for server update admin API allows path traversal in minio
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for admin:ServerUpdate can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow...
CVE-2022-35919
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for admin:ServerUpdate can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow...
CVE-2022-35919 Authenticated requests for server update admin API allows path traversal in minio
MinIO is a High Performance Object Storage released under GNU Affero General Public License v3.0. In affected versions all 'admin' users authorized for admin:ServerUpdate can selectively trigger an error that in response, returns the content of the path requested. Any normal OS system would allow...
Fedora: Security Advisory for commit-stream (FEDORA-2022-5ef0bd9a27)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for golang-github-leonelquinteros-gotext (FEDORA-2022-ea8f4e232d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for golang-github-chris-ramon-douceur (FEDORA-2022-5ef0bd9a27)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for golang-github-gosexy-gettext (FEDORA-2022-ea8f4e232d)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...