16992 matches found
glibc: stack corruption from crafted input in cosl, sinl, sincosl, and tanl functions
A flaw was found in glibc in versions prior to 2.32. Pseudo-zero values are not validated, causing stack corruption due to a stack-based overflow. The highest threat from this vulnerability is to system availability...
glibc: array overflow in backtrace functions for powerpc
An out-of-bounds write vulnerability was found in glibc when handling signal trampolines on PowerPC. The backtrace function did not properly check the array bounds when storing the frame address resulting in a denial of service or potential code execution. The highest threat from this vulnerabili...
glibc: use-after-free in glob() function when expanding ~user
A use-after-free vulnerability was found in glibc in the way the tilde expansion was carried out. Directory paths containing an initial tilde followed by a valid username were affected by this issue. A local attacker could exploit this flaw by creating a specially crafted path that, when processe...
Moderate: libarchive security update
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...
ALSA-2020:4443 Moderate: libarchive security update
The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...
EulerOS 2.0 SP2 : binutils (EulerOS-SA-2020-2330)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in dexpression1 in...
EulerOS 2.0 SP2 : patch (EulerOS-SA-2020-2378)
According to the version of the patch package installed, the EulerOS installation on the remote host is affected by the following vulnerability: - In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and...
Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by multiple vulnerabilities in GNU C Library (glibc), krb5 and php
Summary: IBM BladeCenter Advanced Management Module (AMM) has addressed the following vulnerabilities. Vulnerability Details: CVE-ID: CVE-2013-2207 Description: The GNU C Library...
openSUSE Security Update : binutils (openSUSE-2020-1804)
This update for binutils fixes the following issues: binutils was updated to version 2.35. jscECO-2373 Update to binutils 2.35: - The assembler can now produce DWARF-5 format line number tables. - Readelf now has a 'lint' mode to enable extra checks of the files it is processing. - Readelf will...
EulerOS 2.0 SP5 : mailman (EulerOS-SA-2020-2291)
According to the version of the mailman package installed, the EulerOS installation on the remote host is affected by the following vulnerability: - An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted...
Huawei EulerOS: Security Advisory for mailman (EulerOS-SA-2020-2256)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for mailman (EulerOS-SA-2020-2291)
The remote host is missing an update for the Huawei EulerOS...
Amazon Linux 2 : glibc (ALAS-2020-1517)
The version of glibc installed on the remote host is prior to 2.26-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2020-1517 advisory. In the GNU C Library (aka glibc or libc6) through 2.28, the getaddrinfo function would successfully parse a string that contained an IP...
Adtec Digital Products Hardcoded Credentials / Remote Root
Exploit Title: Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root Date: 2020-07-24 Exploit Author: LiquidWorm Software Link: https://www.adtecdigital.com / https://www.adtecdigital.com/support/documents-downloads Version: Multiple Adtec Digital Multiple Products - Default...
Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root Vulnerability
Exploit Title: Adtec Digital Multiple Products - Default Hardcoded Credentials Remote Root Date: 2020-07-24 Exploit Author: LiquidWorm Software Link: https://www.adtecdigital.com / https://www.adtecdigital.com/support/documents-downloads Version: Multiple Adtec Digital Multiple Products - Default...
Amazon Linux 2 : mailman (ALAS-2020-1536)
The version of mailman installed on the remote host is prior to 2.1.15-30. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1536 advisory. A cross-site scripting (XSS) vulnerability has been discovered in mailman due to the hostname field not being properly...
Fedora: Security Advisory for librepo (FEDORA-2020-b40fc174b5)
The remote host is missing an update for the...
Huawei GaussDB Kernel Detection (Linux/Unix SSH Login)
SSH login-based detection of Huawei GaussDB Kernel.
A vulnerability in the libbfd library of the GNU Binutils development environment allows an attacker to cause a denial of service.
The vulnerability in the libbfd library function elfreadnotes elf.c in the GNU Binutils development environment is related to the allocation of resources without limits. Exploiting this vulnerability could allow an attacker to cause a denial of service...
Unspecified Vulnerability in GNU C Library (CNVD-2021-26206)
The GNU C Library (glibc, libc6) is an open-source, free C language compiler released under the LGPL license. Library is one of the libraries. A security vulnerability exists in the GNU C Library (aka glibc) versions prior to 2.2. The vulnerability stems from a missing statement about the unspecified...