443 matches found
SUSE CVE-2020-27618
The iconv function in the GNU C Library aka glibc or libc6 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a deni...
SUSE CVE-2020-29562
The iconv function in the GNU C Library aka glibc or libc6 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service...
SUSE CVE-2021-43396
In iconvdata/iso-2022-jp-3.c in the GNU C Library aka glibc 2.34, remote attackers can force iconv to emit a spurious '\0' character via crafted ISO-2022-JP-3 data that is accompanied by an internal state reset. This may affect data integrity in certain iconv use cases. NOTE: the vendor states "t...
The vulnerability of the iconv function in the glibc library, which allows a hacker to cause a service failure
The vulnerability of the iconv function in the glibc library is related to the lack of use of the assert function. This vulnerability allows a malicious actor to cause a service failure...
CLSA-2022-1671481209 Fix CVE(s): CVE-2020-27618, CVE-2019-25013
SECURITY UPDATE: buffer overrun in EUC-KR conversion module - debian/patches/any/CVE-2019-25013: skip two bytes when told to skip over the unknown designation, potentially running over the buffer end - CVE-2019-25013 SECURITY UPDATE: hang in the iconv program - debian/patches/any/CVE-2020-27618:...
USN-5768-1 glibc vulnerabilities
Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. CVE-2016-10228, CVE-2019-25013,...
USN-5768-1: GNU C Library vulnerabilities
Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. CVE-2016-10228, CVE-2019-25013,...
USN-5699-1 glibc vulnerabilities
Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. CVE-2021-3326 It was discovered that the...
USN-5699-1: GNU C Library vulnerabilities
Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. CVE-2021-3326 It was discovered that the...
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2022-2501)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.6 : glibc (EulerOS-SA-2022-2501)
According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The nameserver caching daemon nscd in the GNU C Library aka glibc or libc6 2.29 through 2.33, when processing a request for netgro...
MAL-2022-2935 Malicious code in ext-iconv-test1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97a9b9fa77d6e5d0e247b49cdc5c3f1285d8e834909891a98d1c123d28b1817f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2933 Malicious code in ext-iconv-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b63dde7a4e97e11bb43a289c4d48ca88faad03ce74893426b52faf2019aabb50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ext-iconv-test1 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 97a9b9fa77d6e5d0e247b49cdc5c3f1285d8e834909891a98d1c123d28b1817f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-2934 Malicious code in ext-iconv-test-3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca41764ebc9b23bb68e27f052f70923177485babd831d5ea16ba901143a16926 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ext-iconv-test (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b63dde7a4e97e11bb43a289c4d48ca88faad03ce74893426b52faf2019aabb50 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in ext-iconv-test-3 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ca41764ebc9b23bb68e27f052f70923177485babd831d5ea16ba901143a16926 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
SUSE SLES15 Security Update : php7 (SUSE-SU-2022:1768-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1768-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc...
SUSE SLES12 Security Update : php7 (SUSE-SU-2022:1764-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1764-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc...
SUSE SLES12 Security Update : php72 (SUSE-SU-2022:1714-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1714-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc...