19 matches found
PT-2026-39710
Name of the Vulnerable Software and Affected Versions jq versions 1.8.1 and earlier Description Top-level programs loaded from a file using the '-f' flag are truncated at the first embedded NUL byte. A specially crafted filter file containing a NUL byte followed by an arbitrary suffix will compil...
CVE-2023-54150
In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix an out of bounds error in BIOS parser The array is hardcoded to 8 in atomfirmware.h, but firmware provides a bigger one sometimes. Deferencing the larger array causes an out of bounds error. commit 4fc1ba4aa589...
openSUSE 15: libpython3_9-1_0 / libpython3_9-1_0-32bit / python39 / etc (SUSE-SU-2025:4433-1)
The remote openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:4433-1 advisory. Update to 3.9.25: - Security - gh-137836: Add support of the plaintext element, RAWTEXT elements xmp, iframe, noembed and noframes, and optionally RAWTEXT...
SUSE-SU-2025:1026-1 Security update for php7
This update for php7 fixes the following issues: - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 - CVE-2025-1219: Fixed libxml streams using wrong...
SUSE-SU-2025:0994-1 Security update for php8
This update for php8 fixes the following issues: - CVE-2024-11235: Fixed reference counting in phprequestshutdown causing Use-After-Free bsc1239666 - CVE-2025-1217: Fixed header parser of http stream wrapper not handling folded headers bsc1239664 - CVE-2025-1219: Fixed libxml streams using wrong...
SUSE-SU-2025:0327-1 Security update for clamav
This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. - Start clamonacc with --fdpass to avoid errors due to clamd not being able to...
Security update for clamav
This update for clamav fixes the following issues: New version 1.4.2: CVE-2025-20128, bsc1236307: Fixed a possible buffer overflow read bug in the OLE2 file parser that could cause a denial-of-service DoS condition. Start clamonacc with --fdpass to avoid errors due to clamd not being able to acce...
CVE-2024-47835 GHSL-2024-263: Gstreamer NULL-pointer dereference in LRC subtitle parser
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parselrc function within gstsubparse.c. The parselrc function calls strchr to find the character '' in the string line. The pointer returned by this call ...
CVE-2024-47835
GStreamer is a library for constructing graphs of media-handling components. A null pointer dereference vulnerability has been detected in the parselrc function within gstsubparse.c. The parselrc function calls strchr to find the character '' in the string line. The pointer returned by this call ...
Security update for go1.22-openssl
This update for go1.22-openssl fixes the following issues: This update ships go1.22-openssl 1.22.7.1 jscSLE-18320 Update to version 1.22.7.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.7-1-openssl-fips. Update to Go 1.22.7 229 go1.22.7 released 2024-09-05 includes securi...
CLSA-2023-1696537106 libxml2: Fix of 5 CVEs
CVE-2021-3517: fix flaw in the xml entity encoding - CVE-2021-3518: fix dangling pointers in entity reference nodes - CVE-2022-23308: fix use-after-free of ID and IDREF attributes - CVE-2022-40303: fix integer counters overflow when parsing a multi-gigabyte XML - CVE-2022-40304: fix double free...
CLSA-2022-1661173656 Fixed 50 CVEs in java-1.7.0-openjdk
Bump to 2.6.28 and OpenJDK 7u351-b01. - Security fixes in 7u351: - CVE-2022-21540: Improve class compilation JDK-8281859 - CVE-2022-21541: Enhance MethodHandle invocations JDK-8281866 - CVE-2022-34169: Improve Xalan supports JDK-8285407 - Security fixes in 7u341: - CVE-2022-21426: Better XPath...
OPENSUSE-SU-2021:0555-1 Security update for clamav
This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 - CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 - Fix errors when scannin...
SUSE-SU-2021:1189-1 Security update for clamav
This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 - CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 - Fix errors when scannin...
SUSE-SU-2021:14692-1 Security update for clamav
This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 - CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 - Fix errors when scannin...
SUSE-SU-2021:1174-1 Security update for clamav
This update for clamav fixes the following issues: - CVE-2021-1252: Fix for Excel XLM parser infinite loop. bsc1184532 - CVE-2021-1404: Fix for PDF parser buffer over-read; possible crash. bsc1184533 - CVE-2021-1405: Fix for mail parser NULL-dereference crash. bsc1184534 - Fix errors when scannin...
OPENSUSE-SU-2019:2501-1 Security update for rsyslog
This update for rsyslog fixes the following issues: Security issues fixed: - CVE-2019-17041: Fixed a heap overflow in the parser for AIX log messages bsc1153451. - CVE-2019-17042: Fixed a heap overflow in the parser for Cisco log messages bsc1153459. Other issue addressed: - Fixed an issue where...
Debian Security Advisory DSA 2145-1 (libsmi)
The remote host is missing an update to libsmi announced via advisory DSA 2145-1. OpenVAS Vulnerability Test $Id: deb21451.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2145-1 libsmi Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...
SuSE9 Security Update : freeswan (YOU Patch Number 12503)
The previous fix for a flaw in the ASN.1 parser was incomplete and had to be reworked. CVE-2009-2661 This could lead to crashes of the pluto IKE daemon. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...