SUSE SLED15: binutils / binutils-devel / binutils-devel-32bit / binutils-gold / etc (SUSE-SU-2021:3616-1)
The remote SUSE Linux SLED15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3616-1 advisory. Update to binutils 2.37: The GNU Binutils sources now require a C99 compiler and library to build. Support for Realm...
CVE-2021-43396
In iconvdata/iso-2022-jp-3.c in the GNU C Library aka glibc 2.34, remote attackers can force iconv to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv use cases. NOTE: the vendor states "t...
SUSE-SU-2021:3616-1 Security update for binutils
This update for binutils fixes the following issues: Update to binutils 2.37: The GNU Binutils sources now require a C99 compiler and library to build. Support for Realm Management Extension (RME) for AArch64 has been added. A new linker option '-z report-relative-reloc' for x86 ELF targets has be...
OPENSUSE-SU-2021:3616-1 Security update for binutils
This update for binutils fixes the following issues: Update to binutils 2.37: The GNU Binutils sources now require a C99 compiler and library to build. Support for Realm Management Extension (RME) for AArch64 has been added. A new linker option '-z report-relative-reloc' for x86 ELF targets has be...
Oracle OpenJDK Multiple Vulnerabilities (Oct 2021)
Oracle OpenJDK is prone to multiple vulnerabilities. Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
PT-2021-23827 · Gnu · Glibc
Name of the Vulnerable Software and Affected Versions: GNU C Library aka glibc version 2.34 Description: Remote attackers can force iconv to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv...
Huawei EulerOS: Security Advisory for cpio (EulerOS-SA-2021-2626)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE 15 Security Update : util-linux (openSUSE-SU-2021:1440-1)
The remote SUSE Linux SUSE15 host has packages installed that are affected by a vulnerability as referenced in the openSUSE-SU-2021:1440-1 advisory. - DISPUTED An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources...
SUSE SLED12: binutils / binutils-devel / binutils-gold / cross-ppc-binutils / etc (SUSE-SU-2021:3593-1)
The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:3593-1 advisory. Update to binutils 2.37: The GNU Binutils sources now require a C99 compiler and library to build. Support for the...
F5 Networks BIG-IP : GNU C Library (glibc) vulnerability (K52494142)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by a vulnerability as referenced in the K52494142 advisory. The iconv program in the GNU C Library aka glibc or libc6 2.31 and earlier, when invoked with multiple suffixes in t...
F5 Networks BIG-IP : glibc vulnerability (K68251873)
The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.4.1 / 17.1.3 / 17.5.1. It is, therefore, affected by a vulnerability as referenced in the K68251873 advisory. The iconv feature in the GNU C Library aka glibc or libc6 through 2.32, when processing invalid multi-byte...
USN-5124-1: GNU binutils vulnerabilities | Cloud Foundry
Severity: Low. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 18.04. Description: Several security issues were fixed in GNU binutils. CVEs contained in this USN include: CVE-2020-16592, CVE-2021-3487. Affected Cloud Foundry Products and Versions: Severity is low unless otherwise noted...
NewStart CGSL CORE 5.05 / MAIN 5.05 : glibc Multiple Vulnerabilities (NS-SA-2021-0180)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has glibc packages installed that are affected by multiple vulnerabilities: - On the x86-64 architecture, the GNU C Library aka glibc before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program...
NewStart CGSL MAIN 6.02 : binutils Multiple Vulnerabilities (NS-SA-2021-0122)
The remote NewStart CGSL host, running version MAIN 6.02, has binutils packages installed that are affected by multiple vulnerabilities: - find_abstract_instance in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32, allows remote attackers to cause a...
Ubuntu 18.04 LTS / 20.04 LTS : GNU binutils vulnerabilities (USN-5124-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5124-1 advisory. It was discovered that GNU binutils incorrectly handled certain hash lookups. An attacker could use this issue to cause GNU binutils to crash...
USN-5124-1: GNU binutils vulnerabilities
It was discovered that GNU binutils incorrectly handled certain hash lookups. An attacker could use this issue to cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2020-16592 It was discovered that GNU binutils incorrectly handled certain corru...
Privilege Escalation
GNU Mailman allows remote Privilege Escalation. A csrf_token value is not specific to a single user account. An attacker can obtain a value within the context of an unprivileged user account, and then use that value in a CSRF attack against an admin e.g., for account takeover...
Privilege Escalation
GNU Mailman is vulnerable to remote Privilege Escalation. A certain csrf_token value is derived from the admin password, and may be useful in conducting a brute-force attack against that password...
PHP 5.3.7 - 7.3.31, 7.4.x < 7.4.25, 8.0.x < 8.0.12 Security Update (Oct 2021) - Windows
PHP released new versions which include a security fix. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...