16992 matches found

Tenable Nessus
added 2019/11/07 12:0 a.m. · 26 views

SUSE SLED15 / SLES15 Security Update : gdb (SUSE-SU-2019:2902-1)

This update for gdb fixes the following issues: Update to gdb 8.3.1 (jsc#ECO-368). Security issues fixed: CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file (bsc#1142772). Upgrade libipt from v2.0 to v2.0.1. Enable librpm for version librpm.so.3...

7.8 CVSS · 6.9 AI score · 0.02628 EPSS
Exploits: 1 · References: 6

RedHat Linux
added 2019/11/06 5:1 p.m. · 2 views

patch: OS shell command injection when processing crafted patch files

A flaw was found in GNU patch through version 2.7.6. An ed-style diff payload patch file with shell metacharacters can be used to inject OS shell commands into a system. The ed editor does not need to be present on the vulnerable system for this attack to function. The highest threat from this...

9.3 CVSS · 5.7 AI score · 0.0453 EPSS
Exploits: 0 · References: 4

Ubuntu
added 2019/11/06 4:5 p.m. · 84 views

USN-4176-1: GNU cpio vulnerability

Thomas Habets discovered that GNU cpio incorrectly handled certain inputs. An attacker could possibly use this issue for privilege escalation...

7.3 CVSS · 6.6 AI score · 0.00686 EPSS
Exploits: 1

RedHat Linux
added 2019/11/05 9:7 p.m. · 3 views

libiberty: Memory leak in demangle_template function resulting in a denial of service

A vulnerability was found in the demangle_template function in GNU libiberty, as distributed in GNU Binutils, where a memory leak could occur. A specially crafted file could cause the application to consume excessive memory, potentially leading to a crash...

7.5 CVSS · 6.5 AI score · 0.04037 EPSS
Exploits: 1 · References: 4

RedHat Linux
added 2019/11/05 9:7 p.m. · 28 views

Low: Red Hat Security Advisory: gdb security, bug fix, and enhancement update

An update for gdb is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

7.5 CVSS · 6.6 AI score · 0.04037 EPSS
Exploits: 1 · References: 3

RedHat Linux
added 2019/11/05 8:57 p.m. · 4 views

glibc: getaddrinfo should reject IP addresses with trailing characters

In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IPv4 address followed by whitespace and arbitrary characters, which could lead applications to incorrectly assume that it had parsed a valid string, without the...

5.3 CVSS · 7.4 AI score · 0.00479 EPSS
Exploits: 0 · References: 4

AlmaLinux
added 2019/11/05 6:15 p.m. · 21 views

gnu-efi bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

1.6 AI score
Exploits: 0 · References: 1

OSV
added 2019/11/05 6:15 p.m. · 11 views

ALBA-2019:3682 gnu-efi bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

6.8 AI score
Exploits: 0 · References: 1

OSV
added 2019/11/04 1:15 p.m. · 3 views

UBUNTU-CVE-2013-4412

slim has NULL pointer dereference when using crypt method from glibc 2.17...

7.5 CVSS · 5.8 AI score · 0.02934 EPSS
Exploits: 0 · References: 2

RedhatCVE
added 2019/11/04 9:54 a.m. · 20 views

CVE-2018-7642

The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by...

5.5 CVSS · 5.2 AI score · 0.01949 EPSS
Exploits: 0 · References: 1

Positive Technologies
added 2019/11/04 12:0 a.m. · 4 views

PT-2019-6950 · Gnu · Glibc

Name of the Vulnerable Software and Affected Versions: slim (affected versions not specified). Description: The issue is related to a NULL pointer dereference in slim when using the crypt method from glibc 2.17. Recommendations: At the moment, there is no information about a newer version that...

7.5 CVSS · 7.2 AI score · 0.02934 EPSS
Exploits: 0 · References: 12

OpenVAS
added 2019/11/04 12:0 a.m. · 15 views

rdesktop <= 1.8.4 Denial of Service (DoS) vulnerability

rdesktop is prone to a denial of service (DoS) vulnerability. Copyright (C) 2019 Greenbone Networks GmbH. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Softwar...

7.5 CVSS · 7.4 AI score · 0.01387 EPSS
Exploits: 0 · References: 1

ArchLinux
added 2019/11/03 12:0 a.m. · 74 views

[ASA-201911-3] glibc: information disclosure

Arch Linux Security Advisory ASA-201911-3. Severity: High; Date: 2019-11-03; CVE-ID: CVE-2019-9169; Package: glibc; Type: information disclosure; Remote: No; Link: https://security.archlinux.org/AVG-855. Summary: The package glibc before version 2.30...

9.8 CVSS · 0.9 AI score · 0.04731 EPSS
Exploits: 1 · References: 6

OSV
added 2019/11/02 4:54 p.m. · 8 views

MGASA-2019-0311 Updated aspell packages fix security vulnerability

Updated aspell packages fix security vulnerability: libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character (CVE-2019-17544)...

9.1 CVSS · 9.3 AI score · 0.03259 EPSS
Exploits: 0 · References: 3

Mageia
added 2019/11/02 4:54 p.m. · 35 views

Updated aspell packages fix security vulnerability

Updated aspell packages fix security vulnerability: libaspell.a in GNU Aspell before 0.60.8 has a stack-based buffer over-read in acommon::unescape in common/getdata.cpp via an isolated \ character (CVE-2019-17544)...

9.1 CVSS · 3.6 AI score · 0.03259 EPSS
Exploits: 0 · References: 2

RedhatCVE
added 2019/11/02 4:14 p.m. · 29 views

CVE-2018-12934

remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM). This can occur during execution of cxxfilt...

7.5 CVSS · 6.5 AI score · 0.03252 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2019/11/02 4:11 p.m. · 29 views

CVE-2018-19931

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not restricted...

7.8 CVSS · 3.4 AI score · 0.01468 EPSS
Exploits: 0 · References: 2

OpenVAS
added 2019/11/02 12:0 a.m. · 20 views

Fedora Update for varnish FEDORA-2019-59e3cb90a3

The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.8 CVSS · 7.6 AI score · 0.05742 EPSS
Exploits: 0 · References: 2

OSV
added 2019/10/30 10:15 p.m. · 2 views

DEBIAN-CVE-2018-21029

systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication (SNI) is not sent, and there is no hostname validation with the GnuTLS backend. NOTE: This has been disputed by the developer as not a vulnerability since hostname...

9.8 CVSS · 6.8 AI score · 0.03138 EPSS
Exploits: 1 · References: 1

Positive Technologies
added 2019/10/30 12:0 a.m. · 4 views

PT-2019-10455 · Systemd +1 · Systemd +1

Name of the Vulnerable Software and Affected Versions: systemd versions 239 through 245. Description: The issue concerns the acceptance of any certificate signed by a trusted certificate authority for DNS Over TLS, without sending Server Name Indication (SNI) and without hostname validation when usi...

9.8 CVSS · 6.3 AI score · 0.55116 EPSS
Exploits: 30 · References: 42