Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from the tracing module not restricting access to parser-buffer when tracegetuser fails...

Linux Distros Unpatched Vulnerability : CVE-2018-14882

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. CVE-2018-14882 Note that Nessus relies on the presence of the package as...

Linux Distros Unpatched Vulnerability : CVE-2017-13001

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfsprintfh. CVE-2017-13001 Note that Nessus relies on the presence of the package a...

Fedora 39 : gst-devtools / gstreamer1 / gstreamer1-doc / python-gstreamer1 (2023-1661e0af22)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-1661e0af22 advisory. Fixes for GStreamer-SA-2023-0010 ZDI-CAN-22299 and GStreamer-SA-2023-0009 ZDI-CAN-22226 CVE-2023-44429 Tenable has extracted the preceding description block...

PX4 Drone Autopilot Security Vulnerability

PX4 Drone Autopilot is a PX4 Drone Autopilot for Drones open source. A security vulnerability exists in PX4 Drone Autopilot 1.14.0-rc1 and earlier versions, which stems from a lack of checking of the parserbufindex value, resulting in a buffer overflow vulnerability...

openSUSE: Security Advisory for clamav (openSUSE-SU-2021:0555-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES12 Security Update : clamav (SUSE-SU-2021:1189-1)

This update for clamav fixes the following issues : CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 Fix errors when scanning files...

SUSE-SU-2021:1189-1 Security update for clamav

This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 - CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 - Fix errors when scannin...

SUSE SLED15 / SLES15 Security Update : libqt5-qtbase (SUSE-SU-2020:2741-1)

This update for libqt5-qtbase fixes the following issues : CVE-2020-17507: Fixed a buffer overflow in XBM parser bsc1176315 Made handling of XDGRUNTIMEDIR more secure bsc1172515 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security...

CVE-2019-20087

GoPro GPMF-parser 1.2.3 has a heap-based buffer over-read in GPMFseekToSamples in GPMF-parse.c for the "matching tags" feature...

CVE-2018-14466

The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rxcachefind and rxcacheinsert...

Denial Of Service (DoS)

libexiv2.so is vulnerable to denial of service. A heap-based buffer overflow in the tiff parser allows an attacker to crash the application, or potentially execute arbitrary code...

CVE-2017-13036

The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6decodev3...

CVE-2017-13026

The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c, several functions...

CVE-2016-7975

The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcpprint...

CVE-2016-7937

The VAT parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:vatprint...

CVE-2016-7975

The TCP parser in tcpdump before 4.9.0 has a buffer overflow in print-tcp.c:tcpprint...

CVE-2016-7934

The RTCP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtcpprint...

Ubuntu 5.04 / 6.06 LTS : openoffice.org-amd64, openoffice.org vulnerabilities (USN-313-1)

It was possible to embed Basic macros in documents in a way that OpenOffice.org would not ask for confirmation about executing them. By tricking a user into opening a malicious document, this could be exploited to run arbitrary Basic code including local file access and modification with the user...

IIL Advisory: Winamp 3 (1.0.0.488) XML parser buffer overflow vulnerability

Illegal Instruction Labs Advisory ------------------------------------------------------------------------ Advisory name: Winamp 3 1.0.0.488 XML parser buffer overflow vulnerability Application: Winamp 3 1.0.0.488 Homepage: www.winamp.com Impact: There is a buffer overflow inside XML parser DLL...