16987 matches found
The vulnerability in the `default_add_message` function of the `read-catalog.c` file in the GNU project’s library, related to the internationalization of Gettext, allows a hacker to repeatedly release a memory area, enabling them to access confidential data, compromise its integrity, and cause service failures.
The vulnerability in the `default_add_message` function of the `read-catalog.c` file in the GNU project’s library is related to the repeated release of a memory area. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and even cause...
A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.
...
Fedora: Security Advisory for libebml (FEDORA-2021-e283997bb9)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for eog (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for gnome-user-docs (FEDORA-2021-303f6623fa)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for kscreen (FEDORA-2021-85c9774673)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora: Security Advisory for plasma-workspace (FEDORA-2021-85c9774673)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CuteNews 2.1.2 Shell Upload
! /usr/bin/env python3 Exploit Title: CuteNews 2.1.2 - Avatar upload RCE Authenticated Exploit Author: Mayank Deshmukh Date: 2021-03-17 Vendor Homepage: https://cutephp.com/ Software Link: https://cutephp.com/click.php?cutenewslatest Version: 2.1.2 CVE: CVE-2019-11447 CVE Reference:...
USN-4839-1: python-gnupg vulnerabilities
Marcus Brinkmann discovered that python-gnupg improperly handled certain command line parameters. A remote attacker could use this to spoof the output of python-gnupg and cause unsigned e-mail to appear signed. CVE-2018-12020 It was discovered that python-gnupg incorrectly handled the GPG...
UBUNTU-CVE-2021-20232
A flaw was found in gnutls. A use after free issue in `client_send_params` in `lib/ext/pre_shared_key.c` may lead to memory corruption and other potential consequences...
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-1590)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2021-1646)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2021-20284
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in `_bfd_elf_slurp_secondary_reloc_section` in `elf.c` due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability...
EulerOS Virtualization 3.0.6.6 : glibc (EulerOS-SA-2021-1477)
According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the `LD_PREFER_MAP_32BIT_EXEC` environment variable...
grub2 resource management error vulnerability (CNVD-2021-16929)
grub2 is a Linux system boot program from the GNU community. A resource management error vulnerability exists in grub2 versions prior to 2.06, which stems from the rmmod command. No details of the vulnerability are provided at this time...
EulerOS Virtualization 2.9.1 : binutils (EulerOS-SA-2021-1590)
According to the versions of the binutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: - A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU...
grub2 buffer overflow vulnerability (CNVD-2021-16928)
grub2 is a Linux system boot program from the GNU community. A buffer overflow vulnerability exists in grub2 versions prior to 2.06 in the `grub_usb_device_initialize` function, which handles USB device initialization. No details of the vulnerability are provided at this time...
grub2 buffer overflow vulnerability (CNVD-2021-16927)
grub2 is a Linux system boot program from the GNU community. A security vulnerability exists in grub2 versions prior to 2.06 which identifies a stack buffer overflow vulnerability in `grub_parser_split_cmdline`. No details of the vulnerability are provided at this time...
NewStart CGSL MAIN 6.02 : binutils Multiple Vulnerabilities (NS-SA-2021-0090)
The remote NewStart CGSL host, running version MAIN 6.02, has binutils packages installed that are affected by multiple vulnerabilities: - `find_abstract_instance` in `dwarf2.c` in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a...
Oracle Linux 7 : screen (ELSA-2021-0742)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-0742 advisory. 4.1.0-0.27.2012314git3c2946 - fix CVE-2021-26937 1927063 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...