16973 matches found
openSUSE 15 Security Update : binutils (openSUSE-SU-2021:1475-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2021:1475-1 advisory. Update to binutils 2.37: The GNU Binutils sources now requires a C99 compiler and library to build. Support for Realm Management Extension RME fo...
Moderate: Red Hat Security Advisory: devtoolset-11-gcc security update
An update for devtoolset-11-gcc is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
OPENSUSE-SU-2021:1475-1 Security update for binutils
This update for binutils fixes the following issues: Update to binutils 2.37: The GNU Binutils sources now requires a C99 compiler and library to build. Support for Realm Management Extension RME for AArch64 has been added. A new linker option '-z report-relative-reloc' for x86 ELF targets has be...
DEBIAN-CVE-2021-43618
GNU Multiple Precision Arithmetic Library GMP through 6.2.1 has an mpz/inpraw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms...
CVE-2021-43618
GNU Multiple Precision Arithmetic Library GMP through 6.2.1 has an mpz/inpraw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms...
CVE-2021-43618
CVE-2021-43618 affects GMP up to version 6.2.1. The issue is an integer overflow in mpz/inp_raw.c that can cause a buffer overflow, leading to a segmentation fault on 32‑bit platforms. Public advisories in multiple distributions confirm a patched release is available (e.g., GMP 6.2.1-2 and newer;...
CVE-2021-43618
GNU Multiple Precision Arithmetic Library GMP through 6.2.1 has an mpz/inpraw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms...
Gnu Multiple Precision Arithmetic Library 输入验证错误漏洞
Gnu Multiple Precision Arithmetic Library Gmp is a free library for arbitrary precision arithmetic from the Gnu Project. It is used to perform arithmetic on signed integers, rational numbers and floating point numbers. A security vulnerability exists in GNU Multiple Precision Arithmetic Library G...
Vulnerabilities fixed in GNU Mailman
The developers of GNU Mailman have fixed two vulnerabilities fixed in GNU Mailman. The vulnerabilities could be exploited by a malicious person to gain access to the administrator password, or to use a cross-site scripting attack to execute code in the scope of the affected browser. To gain acces...
CVE-2021-43618
GNU Multiple Precision Arithmetic Library GMP through 6.2.1 has an mpz/inpraw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms...
Mailman < 2.1.36 Multiple Vulnerabilities
Mailman is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gnu:mailman"; ifdescription...
CVE-2021-43332
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack...
CVE-2021-43332
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack...
CVE-2021-43331
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS...
CVE-2021-43331
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS...
CVE-2021-43332
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack...
UBUNTU-CVE-2021-43332
In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack...
UBUNTU-CVE-2021-43331
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS...
Cross site scripting
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS...
CVE-2021-43331
In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS...