Fedora: Security Advisory for kernel-headers (FEDORA-2022-8efcea6e67)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2022-1528)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle MySQL Server 8.0 <= 8.0.28 Security Update (cpuapr2022) - Windows

Oracle MySQL Server is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql"; if...

Fedora: Security Advisory for gzip (FEDORA-2022-6746dde2a0)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Oracle OpenJDK ECDSA Signatures Vulnerability (CVE-2022-21449)

Oracle OpenJDK is prone to vulnerability in the implementation of ECDSA signature verification Component: security-libs/java.security. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Oracle OpenJDK Multiple Vulnerabilities (Apr 2022)

Oracle OpenJDK is prone to multiple vulnerabilities. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability

Summary App Connect Professional have addressed the following vulnerability reported in GNU C Library. Vulnerability Details CVEID: CVE-2022-23218 DESCRIPTION: GNU C Library aka glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the svcunixcreate function ...

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability

Summary App Connect Professional have addressed the following vulnerability reported in GNU C Library. Vulnerability Details CVEID: CVE-2022-23219 DESCRIPTION: GNU C Library aka glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the clntcreate function in...

Security Bulletin: App Connect Professional is affected by GNU C Library vulnerability

Summary App Connect Professional have addressed the following vulnerability reported in GNU C Library. Vulnerability Details CVEID: CVE-2021-3999 DESCRIPTION: GNU glibc is vulnerable to an off-by-one buffer overflow and underflow, caused by improper bounds checking by the getcwd function. By...

USN-5380-1: Bash vulnerability

It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges...

EulerOS 2.0 SP10 : binutils (EulerOS-SA-2022-1481)

According to the versions of the binutils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Bidirectional Algorithm in the Unicode Specification through 14.0. It permits the visual reordering of character...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2022-1481)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for dhcp (FEDORA-2022-a88218de5c)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Debian DSA-5123-1 : xz-utils - security update

The remote Debian 10 / 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5123 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file...

SUSE SLES15 Security Update : gzip (SUSE-SU-2022:1250-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2022:1250-1 advisory. - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames ZDI-CAN-16587. bsc1198062 Tenable has extracted the preceding descriptio...

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current gzip Vulnerability (SSA:2022-104-02)

The version of gzip installed on the remote host is prior to 1.12. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-104-02 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name f...

Slackware Linux 14.0 / 14.1 / 14.2 / 15.0 / current xz Vulnerability (SSA:2022-104-03)

The version of xz installed on the remote host is prior to 5.2.5. It is, therefore, affected by a vulnerability as referenced in the SSA:2022-104-03 advisory. - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name fo...

Ubuntu 16.04 ESM : XZ Utils vulnerability (USN-5378-3)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5378-3 advisory. USN-5378-2 fixed a vulnerability in XZ Utils. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Tenable has extracted the precedin...

SUSE SLES12 Security Update : xz (SUSE-SU-2022:1160-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1160-1 advisory. - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames ZDI-CAN-16587. bsc1198062 Tenable has extracted the preceding descriptio...

Ubuntu 18.04 LTS / 20.04 LTS : XZ Utils vulnerability (USN-5378-2)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5378-2 advisory. Cleemy Desu Wayo discovered that XZ Utils incorrectly handled certain filenames. If a user or automated system were tricked into performing xzgrep...