55 matches found
MiracleLinux 4 : hivex-1.3.3-4.3.AXS4 (AXSA:2015-405:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-405:01 advisory. Hive files are the undocumented binary blobs that Windows uses to store the Windows Registry on disk. Hivex is a library that can read and write to these file...
EUVD-2021-26925
Malware in sbrugna...
EUVD-2021-26823
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-3504
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivexopen function. An attacker could inp...
Linux Distros Unpatched Vulnerability : CVE-2021-3622
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to...
Advisory ROSA-SA-2023-2310
software: hivex 1.3.23 OS: ROSA-CHROME packageevrstring: hivex-1.3.23-4.src.rpm CVE-ID: CVE-2021-3622 BDU-ID: 2021-04419 CVE-Crit: LOW CVE-DESC.: A vulnerability in the getchildren function of the getchildren library for retrieving the contents of Windows hivex registry branches is related to the...
SUSE CVE-2021-3504
A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivexopen function. An attacker could input a specially crafted Windows Registry hive file which would cause hivex to read memory beyond its normal bounds or cause the program to...
SUSE CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
EulerOS Virtualization 3.0.2.2 : hivex (EulerOS-SA-2023-1259)
According to the versions of the hivex packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivexopen...
Oracle Linux 8 : virt:ol / and / virt-devel:ol (ELSA-2022-1759)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-1759 advisory. - Limit recursion in ri-records CVE-2021-3622 resolves: rhbz1976194 - Fixes: CVE-2021-33285, CVE-2021-33286, CVE-2021-33287, CVE-2021-33289,...
EulerOS Virtualization 3.0.6.0 : hivex (EulerOS-SA-2022-1068)
According to the versions of the hivex packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the hivex library in versions before 1.3.20. It is caused due to a lack of bounds check within the hivexopen...
Rocky Linux 8 : virt:rhel and virt-devel:rhel (RLSA-2021:3061)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:3061 advisory. - hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation. CVE-2020-13754 ...
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry (hive) file which would cause hivex to recursively call the _get_children() function leading to a stack overflow. The highest threat from this vulnerability is to system availability.
...
EulerOS Virtualization 3.0.2.0 : hivex (EulerOS-SA-2021-2822)
According to the versions of the hivex packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which...
CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
Stack overflow
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
UBUNTU-CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...
CVE-2021-3622
A flaw was found in the hivex library. This flaw allows an attacker to input a specially crafted Windows Registry hive file, which would cause hivex to recursively call the getchildren function, leading to a stack overflow. The highest threat from this vulnerability is to system availability...