NewStart CGSL CORE 5.05 / MAIN 5.05 : gd Vulnerability (NS-SA-2021-0182)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has gd packages installed that are affected by a vulnerability: - Integer overflow in the gd2GetHeader function in gdgd2.c in the GD Graphics Library aka libgd before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, an...

NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Vulnerability (NS-SA-2021-0103)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has docker-ce packages installed that are affected by a vulnerability: - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege...

NewStart CGSL CORE 5.05 / MAIN 5.05 : cpio Vulnerability (NS-SA-2021-0169)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has cpio packages installed that are affected by a vulnerability: - In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archives from paths an...

NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0172)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - By holding a reference to the eval function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger obje...

NewStart CGSL CORE 5.05 / MAIN 5.05 : ImageMagick Vulnerability (NS-SA-2021-0186)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ImageMagick packages installed that are affected by a vulnerability: - ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF...

NewStart CGSL CORE 5.04 / MAIN 5.04 : wpa_supplicant Vulnerability (NS-SA-2021-0105)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has wpasupplicant packages installed that are affected by a vulnerability: - A vulnerability was discovered in how p2p/p2ppd.c in wpasupplicant before 2.10 processes P2P Wi-Fi Direct provision discovery requests. It could resul...

NewStart CGSL CORE 5.05 / MAIN 5.05 : flatpak Vulnerability (NS-SA-2021-0181)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has flatpak packages installed that are affected by a vulnerability: - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. A bug was discovered in the flatpak-portal service that...

NewStart CGSL CORE 5.05 / MAIN 5.05 : spamassassin Vulnerability (NS-SA-2021-0159)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has spamassassin packages installed that are affected by a vulnerability: - In Apache SpamAssassin before 3.4.3, a message can be crafted in a way to use excessive resources. Upgrading to SA 3.4.3 as soon as possible is the...

NewStart CGSL CORE 5.05 / MAIN 5.05 : NetworkManager Vulnerability (NS-SA-2021-0174)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has NetworkManager packages installed that are affected by a vulnerability: - It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x.ca-path and 802-1x.phase2-ca-path settings, when creating a...

NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2021-0121)

The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - When converting coordinates from projective to affine, the modular inversion was not performed in constant time, resulting in a possible timing-based side channel...

NewStart CGSL CORE 5.05 / MAIN 5.05 : ntp Vulnerability (NS-SA-2021-0186)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ntp packages installed that are affected by a vulnerability: - ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transm...

NewStart CGSL CORE 5.04 / MAIN 5.04 : openldap Vulnerability (NS-SA-2021-0114)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openldap packages installed that are affected by a vulnerability: - A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker...

CVE-2020-36491

DedeCMS v7.5 SP2 was discovered to contain multiple cross-site scripting XSS vulnerabilities in the component tagsmain.php via the activepath, keyword, tag, fmdo=x&filename, CKEditor and CKEditorFuncNum parameters...

The vulnerability of the main() function of the dmgdmg2img conversion tool, which involves reading data beyond the allowable buffer size, allows an attacker to access confidential data and cause a service failure.

The vulnerability of the main function of the dmgdmg2img conversion tool lies in the lack of checks for the size of the read buffer during the memcpy operation within the function. Exploiting this vulnerability can allow an attacker to gain access to confidential data, as well as cause service...

CVE-2020-20665

rudp v0.6 was discovered to contain a memory leak in the component main.c...

Rudp 安全漏洞

rudp is a reliable UDP. A security vulnerability exists in Rudp version 0.6, which stems from the inclusion of a memory leak in the component main.c. The vulnerability is caused by the inclusion of a memory leak in the component main.c. The vulnerability is not supported by Rudp...

mysql:8.0 security, bug fix, and enhancement update

mysql 8.0.26-1 - Update to MySQL 8.0.26 8.0.25-1 - Update to MySQL 8.0.25 8.0.24-1 - Update to MySQL 8.0.24 - Upstreamed patch: mysql-main-cast.patch 8.0.23-1 - Update to MySQL 8.0.23 - Created mysql-fix-includes-robin-hood.patch - Created mysql-main-cast.patch 8.0.22-1 - Update to MySQL 8.0.22 -...

PYSEC-2021-324

An issue was discovered in LIEF through 0.11.4. A heap-buffer-overflow exists in the function main located in pereader.c. It allows an attacker to cause code Execution...

CVE-2021-39402

MaianAffiliate v.1.0 is suffers from code injection by adding a new product via the admin panel. The injected payload is reflected on the affiliate main page for all authenticated and unauthenticated visitors...

LIEF 缓冲区错误漏洞

Lief is a cross-platform library from the individual developer Romain Thomas. It is used to parse, modify and abstract Elf, Pe and MachO formats. A security vulnerability exists in LIEF, which stems from a heap buffer overflow in the main function in pe reader.c. This vulnerability can be exploit...