grub2 buffer overflow vulnerability (CNVD-2021-16928)

grub2 is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in grub2 versions prior to 2.06 in the grubusbdeviceinitialize function, which handles USB device initialization. No details of the vulnerability are provided at this time...

EulerOS Virtualization 3.0.6.6 : glibc (EulerOS-SA-2021-1477)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - On the x86-64 architecture, the GNU C Library aka glibc before 2.31 fails to ignore the LDPREFERMAP32BITEXEC environment variable...

EulerOS Virtualization 2.9.1 : binutils (EulerOS-SA-2021-1590)

According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A Null Pointer Dereference vulnerability exists in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU...

grub2 buffer overflow vulnerability (CNVD-2021-16927)

grub2 is a Linux system boot program from the GNU community. A security vulnerability exists in grub2 versions prior to 2.06 which identifies a stack buffer overflow vulnerability in grubparsersplitcmdline. No details of the vulnerability are provided at this time...

grub2 resource management error vulnerability (CNVD-2021-16929)

grub2 is a Linux system boot program from the GNU community. A resource management error vulnerability exists in grub2 versions prior to 2.06, which stems from the rmmod command. No details of the vulnerability are provided at this time...

Oracle Linux 7 : screen (ELSA-2021-0742)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-0742 advisory. 4.1.0-0.27.2012314git3c2946 - fix CVE-2021-26937 1927063 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

OESA-2021-1045 glibc security update

The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-1412)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GNU Binutils Access Control Error Vulnerability

GNU Binutils GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU community. The programs are primarily designed to work with target files in a variety of formats, and provide linkers, assemblers, and other tools for target files and archives. An...

Fedora 32 : screen (2021-5e9894a0c5)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-5e9894a0c5 advisory. - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and application crash or possibly...

nightmare

This repository is an open-source project for teaching binary exploitation and reverse engineering skills through a series of challenges. It is a collection of CTF Capture The Flag challenges designed to help learners develop their skills in exploiting binaries and reversing assembly code. The...

[ASA-202102-41] tar: denial of service

Arch Linux Security Advisory ASA-202102-41 ========================================== Severity: Low Date : 2021-02-27 CVE-ID : CVE-2021-20193 Package : tar Type : denial of service Remote : No Link : https://security.archlinux.org/AVG-1462 Summary ======= The package tar before version 1.34-1 is...

CVE-2020-27618

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...

CVE-2020-27618

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...

UBUNTU-CVE-2020-27618

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...

CVE-2020-27618

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...

Input validation

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...

CVE-2020-27618

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...

CVE-2020-27618

The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...

CVE-2020-27618

Summary (CVE-2020-27618) The vulnerability affects the GNU C Library (glibc) iconv input handling. When processing invalid multi-byte input sequences in specific IBM encodings, iconv may fail to advance the input state, potentially causing an infinite loop and a denial of service. This behavior i...