348 matches found
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2021-1600)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
SUSE SLED15 / SLES15 Security Update : glibc (SUSE-SU-2021:0653-1)
This update for glibc fixes the following issues: Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013, bsc#1182117, BZ #24973); x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649); gconv: Fix assertion failure in ISO-2022-JP-3 module (CVE-2021-3326,...
Security update for glibc (important)
openSUSE Security Update: Security update for glibc Announcement ID: openSUSE-SU-2021:0358-1 Rating: important References: 1178386 1179694 1179721 1180038 1181505 1182117 Cross-References: CVE-2019-25013 CVE-2020-27618 CVE-2020-29562 CVE-2020-29573 CVE-2021-3326 CVSS scores: CVE-2019-25013 NVD :...
OPENSUSE-SU-2021:0358-1 Security update for glibc
This update for glibc fixes the following issues: - Fix buffer overrun in EUC-KR conversion module (CVE-2019-25013, bsc#1182117, BZ #24973) - x86: Harden printf against non-normal long double values (CVE-2020-29573, bsc#1179721, BZ #26649) - gconv: Fix assertion failure in ISO-2022-JP-3 module...
1ib (>=1.0.9 <=1.0.11), 4front-cli (>=0.0.1 <=0.0.20) +375 more potentially affected by CVE-2021-23354 via printf (>=0.0.4 <=0.6.0)
printf NPM version =0.0.4, =1.0.9, =0.0.1, =1.0.0, =0.1.0, =0.1.0, =0.1.0, =0.2.0, =0.1.0, =0.1.5, =1.3.0, =1.2.26, =1.2.31, =7.54.0 and more Source cves: CVE-2021-23354 Source advisory: SNYK:JS-PRINTF-1072096...
Regular Expression Denial of Service (ReDoS)
Overview: printf is a complete implementation of the printf C functions family for Node.JS, written in pure JavaScript. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex string /%?:\w.+|1-9\d$?0...
Denial Of Service (DoS)
glibc is vulnerable to denial of service (DoS). The vulnerability exists in sysdeps/i386/ldbl2mpn.c, where a stack-based buffer overflow occurs if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a...
glibc: stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern
A stack buffer overflow flaw was found in glibc in the way the printf family of functions processed an 80-bit long double with a non-canonical bit pattern. This flaw allows an attacker who can control the arguments of these functions with the non-standard long double pattern to trigger an overflo...
CVE-2020-29573
A stack buffer overflow flaw was found in glibc in the way the printf family of functions processed an 80-bit long double with a non-canonical bit pattern. This flaw allows an attacker who can control the arguments of these functions with the non-standard long double pattern to trigger an overflo...
DEBIAN-CVE-2020-29573
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a...
CVE-2020-29573
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a...
Stack overflow
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a...
UBUNTU-CVE-2020-29573
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a...
CVE-2020-29573
CVE-2020-29573 affects the GNU C Library (glibc) on x86, where sysdeps/i386/ldbl2mpn.c allows a stack-based buffer overflow when a printf-family input is an 80-bit long double with a non-canonical pattern (example: 0x0004000000000000000000000000000000000004 passed to sprintf). Public notes indica...
Format String Attack
tensorflow is vulnerable to format string attacks. The vulnerability exists as the fill argument of tf.strings.as_string reaches a printf call without sanitization...
Multiple buffer overflows in the printf functionality in SQLite as used in Apple iOS before 8.4 and OS X before 10.10.4 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors.
...
EulerOS Virtualization for ARM 64 3.0.2.0 : sqlite (EulerOS-SA-2020-1987)
According to the versions of the sqlite package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in SQLite when rewriting select statements for window functions. This flaw...
EulerOS Virtualization for ARM 64 3.0.6.0 : sqlite (EulerOS-SA-2020-1908)
According to the versions of the sqlite packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. (CVE-2020-13434) - In SQLite before...
CVE-2020-13434
An integer overflow flaw was found in the SQLite implementation of the printf function. This flaw allows an attacker who can control the precision of floating-point conversions to crash the application, resulting in a denial of service...
CVE-2020-13434
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c...