JerryScript 缓冲区错误漏洞

JerryScript is a lightweight JavaScript engine from the JerryScript Jerryscript project. JerryScript 2.3.0 is vulnerable due to an out-of-bounds read in the main print unhandled exception in the main-util .c file, which could be exploited by an attacker to cause code execution...

NewStart CGSL CORE 5.04 / MAIN 5.04 : rsyslog Multiple Vulnerabilities (NS-SA-2020-0080)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has rsyslog packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Rsyslog v8.1908.0. contrib/pmcisconames/pmcisconames.c has a heap overflow in the parser for Cisco log messages. The...

NewStart CGSL CORE 5.05 / MAIN 5.05 : python3 Multiple Vulnerabilities (NS-SA-2020-0089)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python3 packages installed that are affected by multiple vulnerabilities: - http.cookiejar.DefaultPolicy.domainreturnok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be trick...

NewStart CGSL CORE 5.04 / MAIN 5.04 : unbound Multiple Vulnerabilities (NS-SA-2020-0079)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has unbound packages installed that are affected by multiple vulnerabilities: - Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an NXNSAttack issue. This is triggered by random subdomains in the...

NewStart CGSL CORE 5.05 / MAIN 5.05 : sudo Vulnerability (NS-SA-2020-0096)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sudo packages installed that are affected by a vulnerability: - In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is ...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2020-0073)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel 5.4.0-rc2, there is a use-after-free read in the blkaddtrace function in kernel/trace/blktrace.c which is used to fill out a...

NewStart CGSL CORE 5.04 / MAIN 5.04 : net-snmp Vulnerability (NS-SA-2020-0063)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has net-snmp packages installed that are affected by a vulnerability: - snmpoidcompare in snmplib/snmpapi.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cau...

NewStart CGSL CORE 5.04 / MAIN 5.04 : bash Vulnerability (NS-SA-2020-0067)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has bash packages installed that are affected by a vulnerability: - rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASHCMDS, thus allowing the user to execute any command with the permissions of th...

NewStart CGSL CORE 5.04 / MAIN 5.04 : gettext Vulnerability (NS-SA-2020-0070)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gettext packages installed that are affected by a vulnerability: - An issue was discovered in GNU gettext 0.19.8. There is a double free in defaultaddmessage in read- catalog.c, related to an invalid free in pogramparse in...

NewStart CGSL CORE 5.04 / MAIN 5.04 : cups Multiple Vulnerabilities (NS-SA-2020-0067)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has cups packages installed that are affected by multiple vulnerabilities: - In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. CVE-2018-4180, CVE-2018-418...

NewStart CGSL CORE 5.05 / MAIN 5.05 : okular Vulnerability (NS-SA-2020-0115)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has okular packages installed that are affected by a vulnerability: - okular version 18.08 and earlier contains a Directory Traversal vulnerability in function unpackDocumentArchive... in core/document.cpp that can result in...

NewStart CGSL CORE 5.04 / MAIN 5.04 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0074)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has thunderbird packages installed that are affected by multiple vulnerabilities: - Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after- free. We are aware of targeted attack...

NewStart CGSL CORE 5.05 / MAIN 5.05 : sqlite Vulnerability (NS-SA-2020-0096)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sqlite packages installed that are affected by a vulnerability: - Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

NewStart CGSL CORE 5.05 / MAIN 5.05 : krb5 Vulnerability (NS-SA-2020-0103)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has krb5 packages installed that are affected by a vulnerability: - A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 aka krb5 before 1.17. If an attacker can obtain a krbtgt ticket using an older encrypti...

NewStart CGSL CORE 5.04 / MAIN 5.04 : microcode_ctl Multiple Vulnerabilities (NS-SA-2020-0071)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has microcodectl packages installed that are affected by multiple vulnerabilities: - Incomplete cleanup from specific special register read operations in some IntelR Processors may allow an authenticated user to potentially...

NewStart CGSL CORE 5.04 / MAIN 5.04 : squid Multiple Vulnerabilities (NS-SA-2020-0060)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has squid packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function...

NewStart CGSL CORE 5.05 / MAIN 5.05 : advancecomp Multiple Vulnerabilities (NS-SA-2020-0101)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has advancecomp packages installed that are affected by multiple vulnerabilities: - An issue was discovered in AdvanceCOMP through 2.1. An invalid memory address occurs in the function advpngunfilter8 in lib/png.c. It can be...

NewStart CGSL CORE 5.05 / MAIN 5.05 : python-reportlab Vulnerability (NS-SA-2020-0109)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python-reportlab packages installed that are affected by a vulnerability: - ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with ' C...

NewStart CGSL CORE 5.05 / MAIN 5.05 : apache-commons-beanutils Vulnerability (NS-SA-2020-0100)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has apache-commons-beanutils packages installed that are affected by a vulnerability: - In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to acces...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libqb Vulnerability (NS-SA-2020-0088)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libqb packages installed that are affected by a vulnerability: - libqb before 1.0.5 allows local users to overwrite arbitrary files via a symlink attack, because it uses predictable filenames under /dev/shm and /tmp without...