Lucene search
K

16992 matches found

OpenVAS
OpenVAS
added 2020/09/29 12:0 a.m.14 views

Fedora: Security Advisory for ghc-hakyll (FEDORA-2020-c39d7a562c)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.5AI score0.01566EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/09/29 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2020-2091)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.15155EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2020/09/29 12:0 a.m.29 views

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-2072)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7AI score0.03252EPSS
Exploits8References2
OpenVAS
OpenVAS
added 2020/09/29 12:0 a.m.23 views

Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2020-2120)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6AI score0.03927EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/09/29 12:0 a.m.44 views

EulerOS Virtualization for ARM 64 3.0.6.0 : glibc (EulerOS-SA-2020-2019)

According to the version of the glibc packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling...

8.1CVSS7.7AI score0.05223EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/09/28 12:0 a.m.31 views

EulerOS 2.0 SP3 : patch (EulerOS-SA-2020-2120)

According to the version of the patch package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and...

5.9CVSS6.6AI score0.03927EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/09/28 12:0 a.m.46 views

EulerOS 2.0 SP3 : binutils (EulerOS-SA-2020-2072)

According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in dexpression1 in...

7.8CVSS7AI score0.03252EPSS
Exploits8References9
Tenable Nessus
Tenable Nessus
added 2020/09/28 12:0 a.m.36 views

EulerOS 2.0 SP3 : bash (EulerOS-SA-2020-2081)

According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to...

7.8CVSS7.1AI score0.02608EPSS
Exploits5References2
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.4 views

GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.

...

9.3CVSS7.7AI score0.0556EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.6 views

The string component in the GNU C Library (aka glibc or libc6) through 2.28 when running on the x32 architecture incorrectly attempts to use a 64-bit register for size_t in assembly codes which can lead to a segmentation fault or possibly unspecified other impact as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.

...

7.8CVSS8.8AI score0.00436EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.4 views

GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.

...

7.8CVSS8.8AI score0.02628EPSS
Exploits1
Microsoft CVE
Microsoft CVE
added 2020/09/25 7:0 a.m.4 views

An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy() this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.

...

8.1CVSS7AI score0.05223EPSS
Exploits0
OSV
OSV
added 2020/09/23 1:15 p.m.1 views

ALPINE-CVE-2020-14365

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disablegpgcheck is set to False, which is the default behavior. This flaw...

7.1CVSS7.2AI score0.00233EPSS
Exploits0References1
Veracode
Veracode
added 2020/09/21 6:39 a.m.26 views

Denial Of Service (DoS)

binutils:bionic is vulnerable to denial of service DoS. The getcount function in cplus-dem.c in GNU libiberty allows remote attackers to cause a denial of service malloc called with the result of an integer-overflowing calculation or possibly have unspecified other impact via a crafted string, as...

7.8CVSS6.1AI score0.02373EPSS
Exploits1References7Affected Software1
Veracode
Veracode
added 2020/09/21 6:36 a.m.30 views

Denial Of Service (DoS)

binutils:bionic is vulnerable to Denial Of Service DoS. An issue was discovered in cp-demangle.c in GNU libiberty. There is a stack consumption problem caused by the cplusdemangletype function making recursive calls to itself in certain scenarios involving many 'P' characters...

5.5CVSS3.7AI score0.01297EPSS
Exploits0References5Affected Software1
Veracode
Veracode
added 2020/09/21 6:32 a.m.29 views

Denial Of Service (DoS)

binutils is vulnerable to denial of service DoS. An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in bfddwarf2findnearestline in dwarf2.c, as demonstrated by nm...

6.5CVSS3.6AI score0.02396EPSS
Exploits1References8Affected Software1
Veracode
Veracode
added 2020/09/21 6:25 a.m.25 views

Denial Of Service (DoS)

binutils is vulnerable to Denial Of Service DoS. demangletemplate in cplus-dem.c in GNU libiberty allows attackers to trigger excessive memory consumption aka OOM during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump...

7.5CVSS6.8AI score0.0669EPSS
Exploits1References7Affected Software1
Veracode
Veracode
added 2020/09/21 6:24 a.m.32 views

Buffer Overflow

binutils:bionic is vulnerable to buffer overflow. An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfdelf32swapphdrin in elfcode.h because the number of program headers is not...

7.8CVSS3.4AI score0.01468EPSS
Exploits0References9Affected Software1
Veracode
Veracode
added 2020/09/21 6:21 a.m.32 views

Denial Of Service (DoS)

binutils:bionic is vulnerable to denial of service DoS. An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils. There is a stack consumption vulnerability resulting from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remot...

5.5CVSS4.5AI score0.01686EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2020/09/21 6:21 a.m.37 views

Denial Of Service (DoS)

binutils:bionic is vulnerable to denial of service DoS. An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils. There is a heap-based buffer over-read in bfddoprnt in bfd.c because elfobjectp in elfcode.h mishandles an eshstrndx section of typ...

5.5CVSS2AI score0.01802EPSS
Exploits1References8Affected Software1
Rows per page
Query Builder