Important: ansible

Issue Overview: A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disablegpgcheck is set to False, which is the default...

GNU C Library 安全漏洞

GNU C Library is a C standard library implemented by the GNU project to provide underlying API support for the Linux system, encapsulating basic functions such as file operations, memory management, and process control. A memory leak vulnerability exists in GNU C Library, which can be exploited b...

PT-2023-6835

Name of the Vulnerable Software and Affected Versions GNU C Library affected versions not specified Description The issue is related to a memory leak in the GNU C Library, potentially causing an application crash. It is associated with incorrect memory deallocation before removing the last...

The vulnerability in the builtin.c component allows for data reformatting according to specified templates using Gawk. This enables an attacker to gain unauthorized access to protected information or cause service failures.

The vulnerability of the builtin.c component, related to data reformatting functions using the Gawk template engine, stems from the operation of writing data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected...

[SECURITY] [DLA 3576-1] gsl security update

Debian LTS Advisory DLA-3576-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany September 21, 2023 https://wiki.debian.org/LTS Package : gsl Version : 2.5+dfsg-6+deb10u1 CVE ID : CVE-2020-35357 A buffer overflow can occur when calculating the quantile value using t...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.7.0.5)

The version of AOS installed on the remote host is prior to 6.7.0.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.7.0.5 advisory. - An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the...

GNU Binutils Memory Leak Vulnerability

GNU Binutils is a set of tools for working with binary files. A memory leak vulnerability exists in GNU Binutils, which originates from the function findabstractinstance in dwarf2.c contains a memory leak that can be exploited by an attacker to cause the program to crash...

The vulnerability of the stack protection function in the GNU Compiler Collection (GCC), various programming languages, allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the stack protection function in the GNU Compiler Collection GCC for various programming languages is related to a violation of the data protection mechanism. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of t...

SUSE SLES12 Security Update : binutils (SUSE-SU-2023:3695-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3695-1 advisory. Update to version 2.41 jscPED-5778: The MIPS port now supports the Sony Interactive Entertainment Allegrex processor, used with the...

Medium: gsl

Issue Overview: A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2.5 and 2.6. Processing a maliciously crafted input data for gslstatsquantilefromsorteddata of the library may lead to unexpected application...

Amazon Linux 2023 : gsl, gsl-devel (ALAS2023-2023-353)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-353 advisory. A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU Scientific Library, versions 2.5 and 2.6. Processing a maliciously crafted input data for...

The vulnerability of the bfd_mach_o_get_synthetic_symtab function in the GNU Binutils development environment allows a attacker to cause a service failure or exert other effects.

The vulnerability of the bfdmachogetsyntheticsymtab function in the GNU Binutils development toolset is related to insufficient input validation. Exploiting this vulnerability could allow an attacker to cause service failures or other adverse effects...

The vulnerability of the libbfd library in the GNU Binutils development environment, related to reading beyond the buffer boundaries in memory, allows an attacker to gain unauthorized access to protected information.

The vulnerability of the libbfd library in the GNU Binutils development environment, within the Debian GNU operating system, relates to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...

The vulnerability of the process_symbol_table function in the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability of the processsymboltable function in the GNU Binutils development environment is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a system failure...

The vulnerability of the libbfd library in the GNU Binutils development environment, related to the handling of zero pointer operations, allows attackers to trigger a service failure.

The vulnerability of the libbfd library in the GNU Binutils development environment is related to the use of a zero pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the bfd_pef_parse_function_stubs function (bfd/pef.c) in the GNU Binutils development environment, related to the handling of zero pointers, allows a malicious actor to trigger a service failure.

The vulnerability of the bfdpefparsefunctionstubs function bfd/pef.c in the GNU Binutils development environment is related to the use of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

Vulnerability of the bfd_pef_parse_function_stubs function in the GNU Binutils development environment, caused by buffer overflow in dynamic memory, allowing an attacker to trigger a stack overflow.

The vulnerability of the bfdpefparsefunctionstubs function in the GNU Binutils development toolset, located in the bfd/pef.c file, is caused by a buffer overflow in the dynamic memory. Exploiting this vulnerability could allow an attacker to trigger a stack overflow...

The vulnerability of the `parse_stab_struct_fields` function in the GNU Binutils development environment, related to a memory leak, allows an attacker to cause a service failure.

The vulnerability of the parsestabstructfields function in the GNU development environment is related to a memory release error. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the `parse_module` function in the GNU Binutils development environment, which involves reading beyond the buffer boundaries in memory, allows an attacker to trigger a service failure or cause other adverse effects.

The vulnerability of the parsemodule function in the GNU Binutils development environment is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a system failure or exert other adverse effects...

The vulnerability of the GNU Binutils development tool lies in the improper handling of references before accessing files. This allows attackers to exploit their privileges.

The vulnerability of the GNU Binutils development tool lies in the incorrect definition of the reference before accessing a file. Exploiting this vulnerability can allow an attacker to enhance their privileges...