SUSE SLES12 Security Update : u-boot (SUSE-SU-2022:2712-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:2712-1 advisory. - In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the i2c md command enables the corruption...

SUSE SLED15 / SLES15 Security Update : u-boot (SUSE-SU-2022:2661-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:2661-1 advisory. - squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap- bas...

CVE-2022-34835

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the doi2cmd function...

CVE-2022-34835

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the doi2cmd function...

CVE-2022-34835

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the doi2cmd function...

Integer overflow

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the doi2cmd function...

CVE-2022-34835

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the doi2cmd function...

CVE-2022-34835

CVE-2022-34835 affects U-Boot up to 2022.07-rc5, where an integer signedness error in the i2c md command can overflow a stack buffer and corrupt the return address pointer in do_i2c_md. This vulnerability could enable tampering with control flow; exploitation details are not provided in the conne...

CVE-2022-34835

In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the doi2cmd function...

Signed to Unsigned Conversion Error in Facebook Hermes

An Integer signedness error in the JavaScript Interpreter in Facebook Hermes prior to commit 2c7af7ec481ceffd0d14ce2d7c045e475fd71dc6 allows attackers to cause a denial of service attack or a potential RCE via crafted JavaScript. Note that this is only exploitable if the application using Hermes...

GHSA-P5GC-957X-GFW9 Go Ethereum LES protocol implementation vulnerable to Denial of Service

The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum aka geth before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip...

Design/Logic Flaw

slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation...

CVE-2022-27882

OpenBSD slaacd (CVE-2022-27882) in OpenBSD 6.9 and 7.0 before 2022-03-22 contains an integer signedness error that can trigger a heap-based buffer overflow when processing crafted IPv6 router advertisements. Impact is described as a denial-of-service; privilege separation and pledge can prevent e...

Mageia: Security Advisory (MGASA-2016-0288)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-23967

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2019-15679. Reason: This candidate is a duplicate of CVE-2019-15679. Notes: All CVE users should reference CVE-2019-15679 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

EulerOS Virtualization 3.0.2.6 : gd (EulerOS-SA-2021-1431)

According to the versions of the gd package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Integer signedness error in GD Graphics Library 2.1.1 aka libgd or libgd2 allows remote attackers to cause a denial of service crash o...

Huawei EulerOS: Security Advisory for gd (EulerOS-SA-2021-1473)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for gd (EulerOS-SA-2021-1189)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-1913

The CVE-2020-1913 issue affects Facebook Hermes’ JavaScript interpreter and is caused by an Integer signedness error. A crafted JavaScript payload can cause denial of service or potentially remote code execution if untrusted JS is evaluated by the Hermes runtime. The description notes that most R...

Debian: Security Advisory (DLA-2197-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...