CVE-2020-25693
A flaw was found in CImg in versions prior to 2.9.3. Integer overflows leading to heap buffer overflows in load_pnm() can be triggered by a specially crafted input file processed by CImg, which can lead to an impact to application availability or data integrity...
CVE-2020-25676
A flaw was found in ImageMagick. Multiple unconstrained pixel offset calculations produce undefined behavior in the form of out-of-range and integer overflows. These instances of undefined behavior could be triggered by an attacker who is able to supply a crafted input file. The highest threat from...
Ubuntu: Security Advisory (USN-4607-2)
The remote host is missing an update for the...
USN-4607-2: OpenJDK regressions
USN-4607-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression that could cause TLS connections with client certificate authentication to fail in some situations. This update fixes the problem. We apologize for the inconvenience. Original adviso...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : OpenJDK regressions (USN-4607-2)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4607-2 advisory. USN-4607-1 fixed vulnerabilities and added features in OpenJDK. Unfortunately, that update introduced a regression that could cau...
EulerOS 2.0 SP2 : php (EulerOS-SA-2020-2384)
According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A use-after-free in onig_new_deluxe() in regext.c in Oniguruma 6.9.2 allows attackers to potentially cause information disclosure, denial of service, o...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : OpenJDK vulnerabilities (USN-4607-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4607-1 advisory. It was discovered that OpenJDK incorrectly handled deserializing Proxy class objects with many interfaces. A remote attacker coul...
Ubuntu: Security Advisory (USN-4607-1)
The remote host is missing an update for the...
USN-4607-1: OpenJDK vulnerabilities
It was discovered that OpenJDK incorrectly handled deserializing Proxy class objects with many interfaces. A remote attacker could possibly use this issue to cause a denial of service (memory consumption) via a specially crafted input. (CVE-2020-14779) Sergey Ostanin discovered that OpenJDK incorrect...
EulerOS Virtualization for ARM 64 3.0.6.0 : libXrandr (EulerOS-SA-2020-2005)
According to the versions of the libXrandr package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - X.org libXrandr before 1.5.1 allows remote X servers to trigger out-of-bounds write operations by leveraging...
EulerOS Virtualization for ARM 64 3.0.6.0 : grub2 (EulerOS-SA-2020-2000)
According to the versions of the grub2 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Integer overflows were discovered in the functions grub_cmd_initrd and grub_initrd_init in the efilinux component of GRUB2,...
EulerOS Virtualization for ARM 64 3.0.6.0 : libXi (EulerOS-SA-2020-2032)
According to the versions of the libXi package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - X.org libXi before 1.7.7 allows remote X servers to cause a denial of service (infinite loop) via vectors involving length...
EulerOS Virtualization for ARM 64 3.0.6.0 : libXtst (EulerOS-SA-2020-2007)
According to the versions of the libXtst package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - X.org libXtst before 1.2.3 allows remote X servers to cause a denial of service (infinite loop) via a reply in the 1...
Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2020-2000)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for libXrandr (EulerOS-SA-2020-2005)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for libXi (EulerOS-SA-2020-2032)
The remote host is missing an update for the Huawei EulerOS...
Integer Overflows
bson is vulnerable to Integer Overflows. It incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input...
Integer Overflows
GCC is vulnerable to integer overflows in libgfortran which allow remote attackers to execute arbitrary code or cause a denial of service (Fortran application crash) via vectors related to array allocation...
EulerOS Virtualization for ARM 64 3.0.2.0 : php (EulerOS-SA-2020-1969)
According to the versions of the php packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated we...
EulerOS 2.0 SP8 : grub2 (EulerOS-SA-2020-1853)
According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The GRand Unified Bootloader GRUB is a highly configurable and customizable bootloader with modular architecture. It supports a rich variety of...