16992 matches found
GNU C Library Buffer Error Vulnerability
The GNU C Library (glibc) is an open-source, free, easy-to-download C compiler released under the LGPL license. A stack buffer overflow vulnerability exists in sysdeps/i386/ldbl2mpn.c in versions of the GNU C Library prior to 2.23. An attacker can cause a stack buffer overflow by exploiting this...
CVE-2020-29562
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...
UBUNTU-CVE-2020-29562
The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...
GNU C Library Security Vulnerability
The GNU C Library (glibc) is an open-source, free, easy-to-download C compiler released under the LGPL license. An assertion failure vulnerability exists in the iconv function in GNU C Library versions 2.30 through 2.32. An attacker can exploit this vulnerability to cause a denial of service via UC...
PT-2020-7011 · Gnu +5 · Gsl +5
Name of the Vulnerable Software and Affected Versions: GSL GNU Scientific Library versions 2.5 and 2.6 Description: A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL. Processing a maliciously crafted input data for gsl stats quantile from sorted...
ATX MiniCMTS200a Broadband Gateway 2.0 Credential Disclosure
Exploit Title: ATX MiniCMTS200a Broadband Gateway 2.0 - Credential Disclosure Date: 2020-11-20 Exploit Author: Zagros Bingol Vendor Homepage: http://www.atx.com Software Link: https://atx.com/products/commercial-services-gateways/minicmts200a-broadband-gateway/ Version: 2.0 and earlier Tested on:...
Fedora: Security Advisory for pam (FEDORA-2020-22532a1a81)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
GaussDB Kernel: Enabling the Database Auditing
After a security event occurs, audit logs are used to trace the event, locate faults, and clarify responsibilities. You are advised to set audit_enabled to on.
GaussDB Kernel: Setting Source IP Address for host Entries in the pg_hba.conf File
If the source IP address is set to all or 0.0.0.0/0 for host entries, any IP address can access the database. You are advised to set the source IP address for host entries to the IP address that needs to connect to the database.
UBUNTU-CVE-2020-28367
Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a cgo directive...
Oracle Linux 8 : mailman:2.1 (ELSA-2020-4667)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-4667 advisory. - Fix for CVE-2020-12137 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested...
Fedora: Security Advisory for galera (FEDORA-2020-561eed63ef)
The remote host is missing an update for the...
openSUSE: Security Advisory for sddm (openSUSE-SU-2020:1870-1)
The remote host is missing an update for the...
OpenSSL 0.9.7-beta Buffer Overflow Vulnerability
OpenSSL is prone to a buffer overflow vulnerability.
gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service
GnuPG version 2.1.12 - 2.2.11 contains a Cross-Site Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appears to be exploitable via Victim must perform a WKD request, e.g. enter an email address in the composer window...
GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS
Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service...