AZL-34736 CVE-2023-6779 affecting package glibc for versions less than 2.38-6
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of t...
Critical Flaws Found in GNU C Library, Major Linux Distros at Risk
By Deeba Ahmed. Patch Now or Pay Later: Qsort Flaw Leaves Millions of Linux Systems Exposed. This is a post from HackRead.com. Read the original post: Critical Flaws Found in GNU C Library, Major Linux Distros at Risk...
TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass Vulnerability
TELSAT marKoni FM Transmitter version 1.9.5 implements client-side restrictions that can be bypassed by editing the HTML source page that enable administrative operations. TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass Vendor: TELSAT Srl Product web page:...
UBUNTU-CVE-2023-6780
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message,...
TELSAT marKoni FM Transmitter 1.9.5 Insecure Access Control
TELSAT marKoni FM Transmitter 1.9.5 Insecure Access Control Change Password Vendor: TELSAT Srl Product web page: https://www.markoni.it Affected version: Markoni-D Compact FM Transmitters Markoni-DH Exciter+Amplifiers FM Transmitters Markoni-A Analogue Modulator FM Transmitters Firmware: 1.9.5...
TELSAT marKoni FM Transmitter 1.9.5 Root Command Injection Exploit
TELSAT marKoni FM Transmitter version 1.9.5 is susceptible to unauthenticated remote code execution with root privileges. An attacker can exploit a command injection vulnerability by manipulating the Email settings' WAN IP info service, which utilizes the wget module. This allows the attacker to...
The vulnerability of the getaddrinfo function in the GNU C library (glibc) allows a hacker to cause a service failure.
The vulnerability of the getaddrinfo function in the GNU C library glibc is related to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
The vulnerability of the vsyslog_internal function in the glibc library, which allows an attacker to elevate their privileges to the root user level
The vulnerability of the vsyslog_internal function in the glibc library is related to buffer overflow in dynamic memory. Exploiting this vulnerability can allow an attacker to elevate their privileges to root user status by sending specially crafted data as input to the logging function...
TELSAT marKoni FM Transmitter 1.9.5 Insecure Access Control Change Password
Summary Professional FM transmitters. Description Unauthorized user could exploit this vulnerability to change his/her password, potentially gaining unauthorized access to sensitive information or performing actions beyond her/his designated permissions. TELSAT marKoni FM Transmitter 1.9.5 Insecu...
UBUNTU-CVE-2023-6779
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of t...
TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass
Summary Professional FM transmitters. Description The application implements client-side restrictions that can be bypassed by editing the HTML source page that enable administrative operations. TELSAT marKoni FM Transmitter 1.9.5 Client-Side Access Control Bypass Vendor: TELSAT Srl Product web...
Moderate: Red Hat Security Advisory: libmicrohttpd security update
An update for libmicrohttpd is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is availabl...
glibc buffer error vulnerability
glibc (GNU C Library) is the C standard library implemented by the GNU Project. A security vulnerability exists in glibc 2.37 and earlier versions, which stems from the presence of a heap-based buffer overflow that can cause an application to crash...
glibc buffer error vulnerability
glibc (GNU C Library) is the C standard library implemented by the GNU Project. A security vulnerability exists in glibc 2.37 and earlier versions, which stems from the presence of an integer overflow that can be exploited by an attacker to cause the size of the buffer in which a message is stored ...
PT-2024-1611 · Glibc +1
Name of the Vulnerable Software and Affected Versions: glibc versions 2.37 and newer Description: The issue is related to an off-by-one heap-based buffer overflow in the vsyslog internal function of the glibc library. This function is called by the syslog and vsyslog functions. The overflow occur...
RHEL 8 : libmicrohttpd (RHSA-2024:0584)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:0584 advisory. GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. Security Fixes: libmicrohttpd: remote...
EulerOS 2.0 SP11 : gdb (EulerOS-SA-2024-1104)
According to the versions of the gdb packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - GNU gdb (GDB) 13.0.50.20220805-git was discovered to contain a heap use after free via the function add_pe_exported_sym at /gdb/coff-pe-read.c...
GNU indent buffer error vulnerability
GNU indent is a utility program of the American GNU community that has existed since the Unix era. It can reindent C and C++ code into a user-defined programming style. GNU indent suffers from a buffer overflow vulnerability that stems from a heap-based buffer overflow contained in...
The vulnerability of the GnuTLS cryptographic library, related to errors in verifying the cryptographic signature, allows a perpetrator to trigger a service failure.
The vulnerability of the transport-layer cryptographic library GnuTLS is related to errors in verifying the cryptographic signature. Exploiting this vulnerability allows a malicious actor, operating remotely, to cause service failures...
Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2023-4806, CVE-2023-4155, CVE-2023-4527)
Summary IBM Security Guardium has addressed these vulnerabilities with an update. Vulnerability Details CVEID:CVE-2023-4806 DESCRIPTION: GNU glibc is vulnerable to a denial of service, caused by a use-after-free flaw in the getaddrinfo function. By sending a specially crafted request, a remote...