16992 matches found
Fedora: Security Advisory for ghc-hakyll (FEDORA-2020-c39d7a562c)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2020-2091)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2020-2072)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2020-2120)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization for ARM 64 3.0.6.0 : glibc (EulerOS-SA-2020-2019)
According to the version of the glibc packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An exploitable signed comparison vulnerability exists in the ARMv7 memcpy implementation of GNU glibc 2.30.9000. Calling...
EulerOS 2.0 SP3 : patch (EulerOS-SA-2020-2120)
According to the version of the patch package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and...
EulerOS 2.0 SP3 : binutils (EulerOS-SA-2020-2072)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. It is a heap-based buffer over-read in dexpression1 in...
EulerOS 2.0 SP3 : bash (EulerOS-SA-2020-2081)
According to the version of the bash package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in disableprivmode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to...
GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style diff payload with shell metacharacters. The ed editor does not need to be present on the vulnerable system. This is different from CVE-2018-1000156.
...
The string component in the GNU C Library (aka glibc or libc6) through 2.28 when running on the x32 architecture incorrectly attempts to use a 64-bit register for size_t in assembly codes which can lead to a segmentation fault or possibly unspecified other impact as demonstrated by a crash in __memmove_avx_unaligned_erms in sysdeps/x86_64/multiarch/memmove-vec-unaligned-erms.S during a memcpy.
...
GNU gdb All versions is affected by: Buffer Overflow - Out of bound memory access. The impact is: Deny of Service, Memory Disclosure, and Possible Code Execution. The component is: The main gdb module. The attack vector is: Open an ELF for debugging. The fixed version is: Not fixed yet.
...
An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU glibc 2.30.9000. Calling memcpy() (on ARMv7 targets that utilize the GNU glibc implementation) with a negative value for the 'num' parameter results in a signed comparison vulnerability. If an attacker underflows the 'num' parameter to memcpy() this vulnerability could lead to undefined behavior such as writing to out-of-bounds memory and potentially remote code execution. Furthermore this memcpy() implementation allows for program execution to continue in scenarios where a segmentation fault or crash should have occurred. The dangers occur in that subsequent execution and iterations of this code will be executed with this corrupted data.
...
ALPINE-CVE-2020-14365
A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. GPG signatures are ignored during installation even when disablegpgcheck is set to False, which is the default behavior. This flaw...
Denial Of Service (DoS)
binutils:bionic is vulnerable to denial of service DoS. The getcount function in cplus-dem.c in GNU libiberty allows remote attackers to cause a denial of service malloc called with the result of an integer-overflowing calculation or possibly have unspecified other impact via a crafted string, as...
Denial Of Service (DoS)
binutils:bionic is vulnerable to Denial Of Service DoS. An issue was discovered in cp-demangle.c in GNU libiberty. There is a stack consumption problem caused by the cplusdemangletype function making recursive calls to itself in certain scenarios involving many 'P' characters...
Denial Of Service (DoS)
binutils is vulnerable to denial of service DoS. An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in bfddwarf2findnearestline in dwarf2.c, as demonstrated by nm...
Denial Of Service (DoS)
binutils is vulnerable to Denial Of Service DoS. demangletemplate in cplus-dem.c in GNU libiberty allows attackers to trigger excessive memory consumption aka OOM during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump...
Buffer Overflow
binutils:bionic is vulnerable to buffer overflow. An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfdelf32swapphdrin in elfcode.h because the number of program headers is not...
Denial Of Service (DoS)
binutils:bionic is vulnerable to denial of service DoS. An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils. There is a stack consumption vulnerability resulting from infinite recursion in the functions dname, dencoding, and dlocalname in cp-demangle.c. Remot...
Denial Of Service (DoS)
binutils:bionic is vulnerable to denial of service DoS. An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils. There is a heap-based buffer over-read in bfddoprnt in bfd.c because elfobjectp in elfcode.h mishandles an eshstrndx section of typ...