EulerOS 2.0 SP9 : binutils (EulerOS-SA-2021-2545)
According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to...
EulerOS 2.0 SP5 : binutils (EulerOS-SA-2021-2493)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to...
EulerOS 2.0 SP9 : binutils (EulerOS-SA-2021-2521)
According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to...
EulerOS 2.0 SP8 : binutils (EulerOS-SA-2021-2455)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to...
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-2455)
The remote host is missing an update for the Huawei EulerOS. SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only...
Updated cpio packages fix security vulnerability
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. CVE-2021-38185...
MGASA-2021-0423 Updated cpio packages fix security vulnerability
GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. CVE-2021-38185...
Security Bulletin: Vulnerabilities in GNU C Library Affect Power Hardware Management Console (CVE-2013-7423, CVE-2014-7817, CVE-2014-9402, CVE-2015-1472)
Summary: GNU C Library is used by Power Hardware Management Console (HMC). HMC has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2013-7423. DESCRIPTION: The send_dg function in resolv/res_send.c in GNU C Library (aka glibc or libc6) before 2.20 does not properly reuse file descriptors,...
Security Bulletin: GNU C Library (glibc) Vulnerability Affects Power Hardware Management Console (CVE-2015-0235, CVE-2014-6040, CVE-2014-7817)
Summary: GNU C Library (glibc) vulnerability that has been referred to as GHOST affects Power Hardware Management Console. Vulnerability Details: CVEID: CVE-2015-0235. DESCRIPTION: The gethostbyname functions of the GNU C Library (glibc) are vulnerable to a buffer overflow. By sending a specially crafted...
CLSA-2021-1632262065 Update of nscd, glibc-headers, glibc, glibc-utils, glibc-static, glibc-static, glibc-devel, glibc-devel, glibc, glibc-common
More precise DNS name checks accepting dash-.example.com, among other things...
Amazon Linux 2 : gcc10-binutils (ALAS-2021-1702)
The version of gcc10-binutils installed on the remote host is prior to 2.35-21. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1702 advisory. 2024-01-19: CVE-2021-20284 was added to this advisory. An issue was discovered in the Binary File Descriptor (BFD)...
PT-2021-7355 · Gnu +8 · Gmp +8
Name of the Vulnerable Software and Affected Versions: GNU Multiple Precision Arithmetic Library (GMP) versions through 6.2.1. Description: The issue is related to an integer overflow and resultant buffer overflow in the mpz/inp_raw.c component of the GNU Multiple Precision Arithmetic Library (GMP) on...
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-2355)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP2 : binutils (EulerOS-SA-2021-2355)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in...
CVE-2021-40347
An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker logged into any account can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place...
PYSEC-2021-319
An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker logged into any account can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place...
UBUNTU-CVE-2021-40347
An issue was discovered in views/list.py in GNU Mailman Postorius before 1.3.5. An attacker logged into any account can send a crafted POST request to unsubscribe any user from a mailing list, also revealing whether that address was subscribed in the first place...
CVE-2021-40347
The CVE-2021-40347 issue affects GNU Mailman Postorius (views/list.py) for versions before 1.3.5. An authenticated attacker can send a crafted POST request to unsubscribe any user from a mailing list and can reveal whether that address was subscribed. Remediation: upgrade Postorius to 1.3.5 or ne...