Rocky Linux 8 : libxml2 (RLSA-2022:5317)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:5317 advisory. - In libxml2 before 2.9.14, several buffer handling functions in buf.c xmlBuf and tree.c xmlBuffer don't check for integer overflows. This can result in...

Rocky Linux 8 : p11-kit (RLSA-2021:1609)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:1609 advisory. - An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit...

F5 Networks BIG-IP : procps-ng vulnerability (K16124204)

The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K16124204 advisory. - procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strv...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : zchunk (SUSE-SU-2023:4225-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4225-1 advisory. - zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c,...

Ubuntu 16.04 ESM : musl vulnerabilities (USN-4768-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4768-1 advisory. It was discovered that musl did not properly handle kernel syscalls. An attacker could use this vulnerability to cause a denial of service crash or...

CVE-2023-46228

zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c...

UBUNTU-CVE-2023-46228

zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c...

CVE-2023-46228

CVE-2023-46228 describes integer overflow vulnerabilities in zchunk before 1.3.2 triggered by malformed zchunk files in multiple components (lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, lib/header.c). Publicly disclosed references indicate affected packages across Linux distros (e.g...

CVE-2023-46228

zchunk before 1.3.2 has multiple integer overflows via malformed zchunk files to lib/comp/comp.c, lib/comp/zstd/zstd.c, lib/dl/multipart.c, or lib/header.c...

zlib Input Validation Error Vulnerability

zlib is a general-purpose data compression library by Mark Adler, an individual developer in the United States. An input validation error vulnerability exists in zlib 1.3 and earlier versions, which stems from the presence of integer overflows and heap-based buffer overflows...

Debian: Security Advisory (DLA-3606-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3606-1] freerdp2 security update

Debian LTS Advisory DLA-3606-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost October 07, 2023 https://wiki.debian.org/LTS Package : freerdp2 Version : 2.3.0+dfsg1-2+deb10u3 CVE ID : CVE-2020-4030 CVE-2020-4031 CVE-2020-4032 CVE-2020-4033 CVE-2020-11017 CVE-2020-110...

Amazon Linux AMI : libtiff (ALAS-2023-1839)

The version of libtiff installed on the remote host is prior to 4.0.3-35.49. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1839 advisory. Multiple potential integer overflow in raw2tiff.c in libtiff = 4.5.1 can allow remote attackers to cause a denial of service...

CVE-2023-41175

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow...

AZL-31097 CVE-2023-41175 affecting package libtiff for versions less than 4.6.0-1

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow...

CVE-2023-41175

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow...

CVE-2023-41175

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow...

UBUNTU-CVE-2023-41175

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow...

CVE-2023-41175

A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow...

Oracle Linux 5 : Important: / cairo (ELSA-2007-1078)

The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2007-1078 advisory. 1.2.4-3 - Add cairo-1.2.4-alloc-overflow.patch - Resolves: bug 387521 Tenable has extracted the preceding description block directly from the Oracle Linux...