
16973 matches found

IBM Security Bulletins
added 2021/12/22 10:5 a.m. | 48 views

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.

Summary: App Connect Professional has addressed the following vulnerability reported in GNU C Library. Vulnerability Details: CVEID: CVE-2020-27618 DESCRIPTION: GNU C Library (aka glibc or libc6) is vulnerable to a denial of service, caused by an error when processing some invalid inputs from severa...

CVSS 5.5 | AI score 7.1 | EPSS 0.00887
Exploits: 1 | Affected Software: 1
OpenVAS
added 2021/12/20 12:0 a.m. | 22 views

Fedora: Security Advisory for golang (FEDORA-2021-2b2dd1b5a7)

The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVSS 9.8 | AI score 8.9 | EPSS 0.10299
Exploits: 0 | References: 2
Microsoft CVE
added 2021/12/17 8:0 a.m. | 4 views

GCC c++filt v2.26 was discovered to contain a use-after-free vulnerability via the component cplus-dem.c.

...

CVSS 7.8 | AI score 8.2 | EPSS 0.00853
Exploits: 1
CNVD
added 2021/12/17 12:0 a.m. | 24 views

GNU Binutils Buffer Overflow Vulnerability (CNVD-2021-103512)

GNU Binutils (GNU Binary Utilities or binutils) is a set of programming language utility programs developed by the GNU community. GNU Binutils is vulnerable to a buffer overflow vulnerability that can be exploited by attackers to cause a denial of service...

CVSS 7.8 | AI score 5.3 | EPSS 0.01312
Exploits: 1 | References: 1
BDU FSTEC
added 2021/12/17 12:0 a.m. | 3 views

The vulnerability of the GNU Mailman email distribution management package lies in its insufficient attempt-limiting mechanism for authentication. This allows users to bypass the authentication process.

The vulnerability of the GNU Mailman email distribution management package lies in the insufficient limitation on the number of authentication attempts. Exploiting this vulnerability allows a malicious actor to bypass the authentication process by forcibly obtaining the administrator’s password...

CVSS 4.3 | AI score 6.8 | EPSS 0.01072
Exploits: 0 | References: 4 | Affected Software: 1
BDU FSTEC
added 2021/12/17 12:0 a.m. | 3 views

The vulnerability of the cgi/options.py parameters in the GNU Mailman mailing list management package, related to the lack of protection for the website structure, allows for the execution of arbitrary JavaScript code.

The vulnerability in the cgi/options.py module of the GNU Mailman mailing list management package relates to the lack of measures taken to protect the website structure. Exploiting this vulnerability could allow a remote attacker to execute arbitrary JavaScript code...

CVSS 6.1 | AI score 7.1 | EPSS 0.01284
Exploits: 0 | References: 4 | Affected Software: 1
Github Security Blog
added 2021/12/16 3:27 p.m. | 43 views

Cross Site Request Forgery in mailman

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request using that token to set a new admin password or make other changes...

CVSS 8.8 | AI score 2.4 | EPSS 0.0073
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2021/12/16 3:27 p.m. | 27 views

GHSA-XQ58-69H2-765M Cross Site Request Forgery in mailman

In GNU Mailman before 2.1.38, a list member or moderator can get a CSRF token and craft an admin request using that token to set a new admin password or make other changes...

CVSS 8.8 | AI score 8.6 | EPSS 0.0073
Exploits: 0 | References: 4
OSV
added 2021/12/15 8:15 p.m. | 79 views

CVE-2021-45078

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699...

CVSS 7.8 | AI score 7.5
Exploits: 0 | References: 6
AlpineLinux
added 2021/12/15 8:15 p.m. | 76 views

CVE-2021-45078

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699...

CVSS 9.8 | AI score 7.1 | EPSS 0.04505
Exploits: 2
UbuntuCve
added 2021/12/15 8:15 p.m. | 34 views

CVE-2021-45078

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699...

CVSS 7.8 | AI score 6.9 | EPSS 0.01312
Exploits: 1 | References: 3
CVE
added 2021/12/15 7:37 p.m. | 193 views

CVE-2021-45078

CVE-2021-45078 affects GNU Binutils (binutils) with a heap-based buffer overflow in the stab handling path (stab_xcoff_builtin_type / finish_stab in stabs.c). The issue is present in Binutils up to version 2.37; exploitation can cause a denial of service and potentially other impact as demonstrat...

CVSS 7.8 | AI score 8.1 | EPSS 0.01312
Exploits: 1 | References: 6 | Affected Software: 1
Debian CVE
added 2021/12/15 7:37 p.m. | 36 views

CVE-2021-45078

stab_xcoff_builtin_type in stabs.c in GNU Binutils through 2.37 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write. NOTE: this issue exists because of an incorrect fix for CVE-2018-12699...

CVSS 7.8 | AI score 8.3 | EPSS 0.01312
Exploits: 1
IBM Security Bulletins
added 2021/12/15 6:32 a.m. | 51 views

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.

Summary: App Connect Professional has addressed the following vulnerability reported in GNU C Library. Vulnerability Details: CVEID: CVE-2021-27218 DESCRIPTION: GNOME GLib is vulnerable to a denial of service, caused by an error when invoking g_byte_array_new_take with a buffer of 4GB or more on a...

CVSS 7.5 | AI score 8.1 | EPSS 0.04193
Exploits: 1 | Affected Software: 1
IBM Security Bulletins
added 2021/12/15 6:24 a.m. | 32 views

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability

Summary: App Connect Professional has addressed the following vulnerability reported in GNU C Library. Vulnerability Details: CVEID: CVE-2021-27645 DESCRIPTION: GNU glibc is vulnerable to a denial of service, caused by double-free in the nameserver caching daemon (nscd). By sending a specially-craft...

CVSS 2.5 | AI score 6.6 | EPSS 0.00374
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2021/12/15 6:21 a.m. | 37 views

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability

Summary: App Connect Professional has addressed the following vulnerability reported in GNU C Library. Vulnerability Details: CVEID: CVE-2021-33574 DESCRIPTION: GNU C Library (aka glibc) is vulnerable to a denial of service, caused by a use-after-free flaw in the mq_notify function. By sending a...

CVSS 9.8 | AI score 8.5 | EPSS 0.02898
Exploits: 1 | Affected Software: 1
IBM Security Bulletins
added 2021/12/15 6:15 a.m. | 39 views

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.

Summary: App Connect Professional has addressed the following vulnerability reported in GNU C Library. Vulnerability Details: CVEID: CVE-2021-35942 DESCRIPTION: GNU C Library (aka glibc) could allow a local attacker to obtain sensitive information, caused by a flaw when called with an untrusted,...

CVSS 9.1 | AI score 8.5 | EPSS 0.02678
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2021/12/15 5:13 a.m. | 37 views

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability

Summary: App Connect Professional has addressed the following vulnerability reported in GNU C Library. Vulnerability Details: CVEID: CVE-2021-35942 DESCRIPTION: GNU C Library (aka glibc) could allow a local attacker to obtain sensitive information, caused by a flaw when called with an untrusted,...

CVSS 9.1 | AI score 8.5 | EPSS 0.02678
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2021/12/15 5:8 a.m. | 42 views

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability

Summary: App Connect Professional has addressed the following vulnerability reported in GNU C Library. Vulnerability Details: CVEID: CVE-2021-3326 DESCRIPTION: GNU C Library (aka glibc or libc6) is vulnerable to a denial of service, caused by an assertion failure when processing invalid input...

CVSS 7.5 | AI score 8.3 | EPSS 0.03093
Exploits: 0 | Affected Software: 1
IBM Security Bulletins
added 2021/12/15 5:4 a.m. | 39 views

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability.

Summary: App Connect Professional has addressed the following vulnerability reported in GNU C Library. Vulnerability Details: CVEID: CVE-2020-10029 DESCRIPTION: GNU C Library (aka glibc or libc6) is vulnerable to a denial of service, caused by a stack-based overflow during range reduction. A local...

CVSS 5.5 | AI score 6.5 | EPSS 0.00758
Exploits: 1 | Affected Software: 1