16992 matches found
UBUNTU-CVE-2019-16166
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c...
Heap overflow
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c...
CVE-2019-16166
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c...
CVE-2019-16165
GNU cflow through 1.6 has a use-after-free in the reference function in parser.c...
CVE-2019-16165
GNU cflow up to version 1.6 is affected by a use-after-free in the reference function of parser.c, per CVE-2019-16165. Exploitation could lead to denial of service or arbitrary code execution, as described across multiple sources. The issue is tied to memory management in the parser and is presen...
CVE-2019-16165
GNU cflow through 1.6 has a use-after-free in the reference function in parser.c...
CVE-2019-16166
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c...
CVE-2019-16166
GNU cflow versions up to 1.6 are affected by a heap-based buffer over-read in the nexttoken function of parser.c (CVE-2019-16166). The issue is documented across multiple sources (NVD, OSV, SUSE, Debian/Ubuntu OSV entries) and consistently references the same core flaw in parser.c. Public referen...
CVE-2019-16166
GNU cflow through 1.6 has a heap-based buffer over-read in the nexttoken function in parser.c...
Fedora Update for exim FEDORA-2019-467fcbb10a
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 29 Update: exim-4.92.2-1.fc29
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
[SECURITY] Fedora 30 Update: exim-4.92.2-1.fc30
Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
Fedora Update for libgcrypt FEDORA-2019-1f05925d82
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 30 Update: libgcrypt-1.8.5-1.fc30
Libgcrypt is a general purpose crypto library based on the code used in GNU Privacy Guard. This is a development version...
Exploit for Out-of-bounds Write in Google Android
AutomatedRoot !GitHubhttps://img.shields.io/github/license/...
PT-2021-3327 · Gnu +9 · Glibc +9
Name of the Vulnerable Software and Affected Versions: glibc versions through 2.32 Description: The issue is related to a buffer over-read in the iconv feature of the GNU C Library when processing invalid multi-byte input sequences in the EUC-KR encoding. This could potentially allow a remote...
Cisco Device Hardcoded Credentials / GNU glibc / BusyBox
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple vulnerabilities product: Cisco RV340, Cisco RV340W, Cisco RV345, Cisco RV345P, Cisco RV260, Cisco RV260P, Cisco RV260W, Cisco 160, Cisco 160W vulnerable version:...
MongoDB 3.4 < 3.4.22, 3.6 < 3.6.14, 4.0 < 4.0.11 Code Execution Vulnerability - Windows
An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server to run attacker defined code as the user running the utility. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptio...
CVE-2019-15847
The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...
ALPINE-CVE-2019-15847
The POWER9 backend in GNU Compiler Collection GCC before version 10 could optimize multiple calls of the builtindarn intrinsic into a single call, thus reducing the entropy of the random number generator. This occurred because a volatile operation was not specified. For example, within a single...