17000 matches found
CVE-2018-12641
An issue was discovered in armpt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demanglearmhptemplate, demangleclassname, demanglefundtype, dotype, doarg,...
EulerOS 2.0 SP5 : patch (EulerOS-SA-2020-1317)
According to the version of the patch package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and...
OpenSSH 7.7 - 7.9, 8.x < 8.1 Integer Overflow Vulnerability
OpenSSH is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh";...
Linux: Read GRUB config files (KB)
The GRUB Grand Unified Bootloader is a bootloader available from the GNU project. A bootloader is very important as it is impossible to start an operating system without it. It is the first program which starts when the program is switched on. The bootloader transfers the control to the operating...
CVE-2018-17358
An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. An invalid memory access exists in bfdstabsectionfindnearestline in syms.c. Attackers could leverage this vulnerability to cause a denial of service application crash via a crafted E...
DEBIAN-CVE-2019-14855
A flaw was found in the way certificate signatures could be forged using collisions found in the SHA-1 algorithm. An attacker could use this weakness to create forged certificate signatures. This issue affects GnuPG versions before 2.2.18...
GLSA-202003-41 : GNU FriBidi: Heap-based buffer overflow
The remote host is affected by the vulnerability described in GLSA-202003-41 GNU FriBidi: Heap-based buffer overflow A heap-based buffer overflow vulnerability was found in GNU FriBidi. Impact : A remote attacker could possibly cause a memory corruption, execute arbitrary code with the privileges...
Broadcom Wi-Fi Devices - (KR00K) Information Disclosure Exploit
Kr00ker Experimetal KR00K PoC in python3 using scapy Description: This script is a simple experiment to exploit the KR00K vulnerability CVE-2019-15126, that allows to decrypt some WPA2 CCMP data in vulnerable devices. More specifically this script attempts to retrieve Plaintext Data of WPA2 CCMP...
GNU FriBidi: Heap-based buffer overflow
Background The Free Implementation of the Unicode Bidirectional Algorithm. Description A heap-based buffer overflow vulnerability was found in GNU FriBidi. Impact A remote attacker could possibly cause a memory corruption, execute arbitrary code with the privileges of the process or cause a Denia...
Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Apple Ipados
kr00ker ============ Description This script is a simple ex...
CVE-2020-9391
A heap corruption flaw was found in the Linux kernel on the AArch64 architecture. The top byte is ignored in the address passed to the brk system call, potentially moving the memory break downwards when the application expects it to move upwards. This has been observed to cause heap corruption...
CVE-2018-18484
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplusdemangletype, dbarefunctiontype,...
EulerOS Virtualization for ARM 64 3.0.2.0 : patch (EulerOS-SA-2020-1225)
According to the versions of the patch package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pchwriteline in pch.c can possibly lead t...
EulerOS Virtualization for ARM 64 3.0.2.0 : gettext (EulerOS-SA-2020-1248)
According to the version of the gettext packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - An issue was discovered in GNU gettext 0.19.8. There is a double free in defaultaddmessage in read-catalog.c, related to...
Huawei EulerOS: Security Advisory for tar (EulerOS-SA-2020-1245)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for gettext (EulerOS-SA-2020-1248)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2020-1229)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for less (EulerOS-SA-2020-1238)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for patch (EulerOS-SA-2020-1225)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libidn (EulerOS-SA-2020-1265)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...