Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.2)

The version of AOS installed on the remote host is prior to 6.5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.2 advisory. - http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection ...

Amazon Linux 2022 : emacs, emacs-common, emacs-devel (ALAS2022-2023-277)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2023-277 advisory. GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation o...

gcc-toolset-12-gcc bug fix update

An update is available for gcc-toolset-12-gcc. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset 12 is a compiler toolset that provides recent versions...

Fedora: Security Advisory for upx (FEDORA-2023-89fdc22ace)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Exploit for Out-of-bounds Write in Gnu Binutils

PoC exploit for CVE-2021-20294, a vulnerability in a specific pr...

Fedora: Security Advisory for php (FEDORA-2023-2dc2d607ba)

The remote host is missing an update for the Copyright C 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library (CVE-2021-3999)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a buffer overflow and underflow in GNU C Library CVE-2021-3999. This is included as part of the base-image used in our Speech-to-Text and Text-to-Speech service components. Please see below for details on how...

Security Bulletin: A vulnerability with GNU wget affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2016-4971)

Summary A vulnerability with GNU wget affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2016-4971. Please see below for details on how to remediate this issue. Vulnerability Details CVEID:CVE-2016-4971 DESCRIPTION: GNU wget could allow a remote attacker to traverse...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in GNU C Library (CVE-2019-19126)

Summary Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security restrictions bypass in GNU C Library, caused by failing to ignore the LDPREFERMAP32BITEXEC environment variable during program execution. CVE-2019-19126. GNU C Library is used as...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU Tar (CVE-2019-9923).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU Tar, caused by a NULL point dereference in the paxdecodeheader in sparse.c CVE-2019-9923. A remote attacker could exploit this vulnerability to cause the application to crash. GNU T...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU glibc (CVE-2020-1751).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU glibc, caused by an out-of-bounds write when handling signal trampolines on PowerPC CVE-2020-1751. GNU glibc is used as part of the base image included in our service components...

Security Bulletin: A vulnerability in 'GNU Wget' affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2018-20483)

Summary A vulnerability in 'GNU Wget' affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2018-20483. Please see the details below on how to remediate this issue. Vulnerability Details CVEID:CVE-2018-20483 DESCRIPTION: GNU Wget could allow a local authenticated attacker to...

Security Bulletin: A vulnerability with GNU Wget affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2018-0494)

Summary A vulnerability with GNU Wget affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2018-0494. Please see the details below on how to remediate this issue. Vulnerability Details CVEID:CVE-2018-0494 DESCRIPTION: GNU Wget could allow a remote attacker to bypass securit...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU glibc (CVE-2020-1752)

Summary BM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU glibc, through the execution of arbitrary code on the system, caused by a use-after-free CVE-2020-1752. GNU glibc is used as part of the base image included in our service components...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to stack-based buffer overflow in GNU C Library (CVE-2022-23219)

Summary Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to stack-based buffer overflow in GNU C Library CVE-2022-23219. This is included as part of the base-image used in our Speech-to-Text and Text-to-Speech service components. Please see below fo...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU C Library ( CVE-2020-10029)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GNU C Library, caused by a stack-based overflow during range reduction CVE-2020-10029. GNU C Library is used as part of the base image included in our service components. Please read th...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in GNU Gzip (CVE-2022-1271)

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a security bypass in GNU Gzip caused by improper validation of file name by the zgrep utility CVE-2022-1271. GNU Gzip and the zgrep utility are used as part of the base image included in our service component...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information disclosure or denial of service in GNU glibc (CVE-2021-35942).

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to information disclosure and denial of service in GNU glibc, caused by a flaw when called with an untrusted, crafted pattern in thewordexp function. CVE-2021-35942. GNU glibc is used as part of the base image...

Security Bulletin: glibc Vulnerability affects Watson Speech Services

Summary A Redhat glibc Vulnerability affecting Watson Speech Services has been fixed in the latest version of IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.3 Vulnerability Details CVEID:CVE-2021-35942 DESCRIPTION: GNU C Library aka glibc could allow a local attacker to obtai...

Security Bulletin: A vulnerability in GNU Tar affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data (CVE-2019-9923)

Summary A vulnerability in GNU Tar affects IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data CVE-2019-9923. Please see the steps below to remediate this issue. Vulnerability Details CVEID:CVE-2019-9923 DESCRIPTION: GNU Tar is vulnerable to a denial of service, caused by a NULL point...