
16985 matches found

CNVD
added 2020/04/03 12:0 a.m. | 3 views

GNU C Library Resource Management Error Vulnerability

The GNU C Library glibc, libc6 is an open-source, free C compiler released under the LGPL license. A resource management error vulnerability exists in glob in GNU C Library version 2.14. A local attacker can exploit this vulnerability to execute arbitrary code by creating specially crafted paths...

CVSS 7 | AI score 8.4 | EPSS 0.00535
Exploits 0 | References 1

OpenVAS
added 2020/04/03 12:0 a.m. | 198 views

Samsung AllShare Server Detection (HTTP)

Checks whether Samsung AllShare Server is present on the target system and if so, tries to figure out the installed version. Copyright (C) 2020 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms o...

AI score 0.1
Exploits 0

OpenVAS
added 2020/04/03 12:0 a.m. | 12 views

Fedora: Security Advisory for drupal8 (FEDORA-2020-51637cf853)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AI score 7.5
Exploits 0 | References 2

Kitploit
added 2020/04/02 8:30 p.m. | 100 views

Frida API Fuzzer - This Experimental Fuzzer Is Meant To Be Used For API In-Memory Fuzzing

This experimental fuzzer is meant to be used for API in-memory fuzzing. The design is highly inspired and based on AFL/AFL++. ATM the mutator is quite simple, just the AFL's havoc and splice stages. I tested only the examples under tests/, this is a WIP project but is known to work at least on...

AI score 7.4
Exploits 0 | References 2

RedhatCVE
added 2020/04/02 7:1 p.m. | 41 views

CVE-2020-6096

A signed comparison vulnerability was found in GNU libc in the ARMv7 implementation of memcpy. The flaw affects the third argument to memcpy that specifies the number of bytes to copy. An underflow on the third argument could lead to undefined behavior such as out-of-bounds memory write and...

CVSS 8.1 | AI score 4.2 | EPSS 0.05223
Exploits 0 | References 4

RedhatCVE
added 2020/04/02 8:33 a.m. | 32 views

CVE-2018-6551

The malloc implementation in the GNU C Library aka glibc or libc6, from version 2.24 to 2.26 on powerpc, and only in version 2.26 on i386, did not properly handle malloc calls with arguments close to SIZE_MAX and could return a pointer to a heap region that is smaller than requested, eventually...

CVSS 9.8 | AI score 3 | EPSS 0.02231
Exploits 0 | References 1

Tenable Nessus
added 2020/04/02 12:0 a.m. | 33 views

EulerOS Virtualization for ARM 64 3.0.6.0 : libidn2 (EulerOS-SA-2020-1338)

According to the version of the libidn2 package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - GNU libidn2 before 2.2.0 fails to perform the roundtrip checks specified in RFC3490 Section 4.2 when converting A-labels ...

CVSS 7.5 | AI score 7.1 | EPSS 0.0279
Exploits 0 | References 2

Tenable Nessus
added 2020/04/02 12:0 a.m. | 65 views

EulerOS Virtualization for ARM 64 3.0.6.0 : python3 (EulerOS-SA-2020-1346)

According to the versions of the python3 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - In Python CPython 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon laun...

CVSS 9.3 | AI score 6.8 | EPSS 0.06617
Exploits 1 | References 4

Tenable Nessus
added 2020/04/02 12:0 a.m. | 25 views

EulerOS Virtualization for ARM 64 3.0.6.0 : fribidi (EulerOS-SA-2020-1351)

According to the version of the fribidi package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A buffer overflow in the fribidi_get_par_embedding_levels_ex function in lib/fribidi-bidi.c of GNU FriBidi through 1.0.7 allow...

CVSS 7.8 | AI score 8 | EPSS 0.02182
Exploits 0 | References 2

Tenable Nessus
added 2020/04/02 12:0 a.m. | 265 views

EulerOS Virtualization for ARM 64 3.0.6.0 : binutils (EulerOS-SA-2020-1363)

According to the versions of the binutils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in...

CVSS 7.8 | AI score 7 | EPSS 0.0669
Exploits 8 | References 8

Tenable Nessus
added 2020/04/02 12:0 a.m. | 31 views

EulerOS Virtualization for ARM 64 3.0.6.0 : cyrus-sasl (EulerOS-SA-2020-1336)

According to the version of the cyrus-sasl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This...

CVSS 7.5 | AI score 7.3 | EPSS 0.08036
Exploits 1 | References 2

Tenable Nessus
added 2020/04/02 12:0 a.m. | 30 views

EulerOS Virtualization for ARM 64 3.0.6.0 : patch (EulerOS-SA-2020-1335)

According to the version of the patch package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects...

CVSS 5.9 | AI score 6.4 | EPSS 0.03927
Exploits 0 | References 2

NVD
added 2020/04/01 10:15 p.m. | 19 views

CVE-2020-6096

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker...

CVSS 8.1 | AI score 8.2 | EPSS 0.05223
Exploits 0 | References 7

OSV
added 2020/04/01 10:15 p.m. | 23 views

CVE-2020-6096

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker...

CVSS 8.1 | AI score 7.4
Exploits 0 | References 7

RedhatCVE
added 2020/04/01 2:5 p.m. | 26 views

CVE-2018-9996

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression...

CVSS 5.5 | AI score 3.9 | EPSS 0.01333
Exploits 1 | References 1

CVE
added 2020/04/01 12:0 a.m. | 182 views

CVE-2020-6096

The CVE-2020-6096 entry is supported by connected sources: the glitch is in ARMv7 memcpy() within GNU glibc (version 2.30.9000 in the description) where underflowing the third parameter num can cause a signed-compare bug, potentially writing out of bounds and enabling remote code execution. Debia...

CVSS 8.1 | AI score 8 | EPSS 0.05223
Exploits 0 | References 7 | Affected Software 1

Cvelist
added 2020/04/01 12:0 a.m. | 20 views

CVE-2020-6096

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker...

CVSS 8.1 | AI score 8.1 | EPSS 0.05223
Exploits 0 | References 7

Debian CVE
added 2020/04/01 12:0 a.m. | 27 views

CVE-2020-6096

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling memcpy on ARMv7 targets that utilize the GNU glibc implementation with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker...

CVSS 8.1 | AI score 7.8 | EPSS 0.05223
Exploits 0

OpenVAS
added 2020/04/01 12:0 a.m. | 37 views

Huawei EulerOS: Security Advisory for libidn2 (EulerOS-SA-2020-1338)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.7 | EPSS 0.0279
Exploits 0 | References 2

OpenVAS
added 2020/04/01 12:0 a.m. | 39 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-1363)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.8 | AI score 7.2 | EPSS 0.04037
Exploits 7 | References 2