17002 matches found
CVE-2019-11637
An issue was discovered in GNU recutils 1.8. There is a NULL pointer dereference in the function rec_rset_get_props at rec-rset.c in librec.a, leading to a crash...
PT-2019-12444 · Gnu +3 · Gnu Recutils +3
Name of the Vulnerable Software and Affected Versions: GNU recutils version 1.8. Description: A heap-based buffer overflow issue exists in the function rec_fex_parse_str_simple at rec-fex.c in librec.a. Recommendations: For GNU recutils version 1.8, consider applying a patch or fix to address the...
PT-2019-12442 · Gnu +3 · Gnu Recutils +3
Name of the Vulnerable Software and Affected Versions: GNU recutils version 1.8. Description: An issue was discovered that leads to a crash due to a NULL pointer dereference in the function rec_field_name_equal_p at rec-field-name.c in librec.a. Recommendations: For GNU recutils version 1.8, at th...
PT-2019-12441 · Gnu +3 · Gnu Recutils +3
Name of the Vulnerable Software and Affected Versions: GNU recutils version 1.8. Description: An issue was discovered that leads to a crash due to a NULL pointer dereference in the function rec_rset_get_props at rec-rset.c in librec.a. Recommendations: For GNU recutils version 1.8, consider avoidi...
Fedora Update for kernel-tools FEDORA-2019-1b986880ea
The remote host is missing an update for the... Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...
The vulnerability of the sparse_dump_region function in the GNU Tar archive utility, which involves reading beyond the buffer boundaries, allows a hacker to cause a service failure.
The vulnerability of the sparse_dump_region function in the GNU Tar archive manager is related to reading beyond the buffer boundaries when the --sparse flag is used. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
Amazon Linux AMI : wget (ALAS-2019-1194)
A buffer overflow vulnerability was found in GNU Wget. An attacker may be able to cause a denial-of-service (DoS) or may execute arbitrary code. (CVE-2019-5953) (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security...
Security Bulletin: IBM QRadar Network Packet Capture is vulnerable to a Publicly disclosed vulnerability from GNU glibc (CVE-2018-11237)
Summary: GLIBC as used by IBM QRadar Network Packet Capture is vulnerable to a buffer overflow. Vulnerability Details: CVEID: CVE-2018-11237. Description: GNU glibc is vulnerable to a buffer overflow, caused by improper bounds checking by the mempcpy function. By sending a specially-crafted reques...
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in GNU glibc (CVE-2018-11236)
Summary: IBM Advanced Management Module (AMM) has addressed the following vulnerability in GNU glibc. Vulnerability Details: CVEID: CVE-2018-11236. Description: GNU glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the pathname arguments in the realpath...
Important: wget
Issue Overview: A buffer overflow vulnerability was found in GNU Wget. An attacker may be able to cause a denial-of-service (DoS) or may execute arbitrary code. (CVE-2019-5953) Affected Packages: wget. Issue Correction: Run yum update wget or yum update --advisory ALAS-2019-1194 to update your...
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in GNU glibc (CVE-2017-15804 CVE-2017-15670 CVE-2015-5180)
Summary: IBM Advanced Management Module (AMM) has addressed the following vulnerabilities in GNU glibc. Vulnerability Details: CVEID: CVE-2017-15804. Description: GNU C Library (aka glibc or libc6) is vulnerable to a buffer overflow, caused by improper bounds checking by glob function in glob.c. By usin...
FreeBSD : wget -- security flaw in caching credentials passed as a part of the URL (a737eb11-5cfc-11e9-ab87-8cec4bf8fcfb)
Gynvael Coldwind reports: set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the U...
openSUSE: Security Advisory for the Linux Kernel (openSUSE-SU-2019:1193-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for netpbm (openSUSE-SU-2019:1200-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for file (openSUSE-SU-2019:1197-1)
The remote host is missing an update for the...
GNU C Library Code Problem Vulnerability
The GNU C Library (glibc, libc6) is an open-source, free C compiler released under the LGPL license. A code issue vulnerability exists in the nscd daemon in versions of the GNU C Library prior to 2.5, which arises from an improperly designed or implemented code development process for a networked...
CVE-2006-7254
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon...
CVE-2005-3590
The getgrouplist function in the GNU C Library (glibc) before version 2.3.5, when invoked with a zero argument, writes to the passed pointer even if the specified array size is zero, leading to a buffer overflow and potentially allowing attackers to corrupt memory...
DEBIAN-CVE-2006-7254
The nscd daemon in the GNU C Library (glibc) before version 2.5 does not close incoming client sockets if they cannot be handled by the daemon, allowing local users to carry out a denial of service attack on the daemon...