F5 Networks BIG-IP : cURL vulnerability (K61186963)

The version of F5 Networks BIG-IP installed on the remote host is prior to 17.1.3 / 17.5.1.1. It is, therefore, affected by a vulnerability as referenced in the K61186963 advisory. curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP...

NewStart CGSL CORE 5.04 / MAIN 5.04 : glibc Multiple Vulnerabilities (NS-SA-2021-0095)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has glibc packages installed that are affected by multiple vulnerabilities: - The posixspawnfileactionsaddopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allo...

UniswapV2/SushiwapLPAdapter update the wrong token

Handle cmichel Vulnerability details The UniswapV2LPAdapter/SushiswapV2LPAdapter.update function retrieves the underlying from the LP token pair asset but then calls router.updateasset, proof which is the LP token itself again. This will end up with the router calling this function again...

NewStart CGSL MAIN 6.02 : binutils Multiple Vulnerabilities (NS-SA-2021-0122)

The remote NewStart CGSL host, running version MAIN 6.02, has binutils packages installed that are affected by multiple vulnerabilities: - findabstractinstance in dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32, allows remote attackers to cause a...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libcroco Vulnerability (NS-SA-2021-0160)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libcroco packages installed that are affected by a vulnerability: - libcroco through 0.6.13 has excessive recursion in crparserparseanycore in cr-parser.c, leading to stack consumption. CVE-2020-12825 Note that Nessus has n...

The vulnerability of the ati-vga hardware emulation component in QEMU, related to uncontrolled recursion, allows a hacker to trigger a service failure.

The vulnerability of the ati-vga hardware emulation component in QEMU is related to an uncontrolled recursion. Exploiting this vulnerability can allow an attacker to cause a system failure...

NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Multiple Vulnerabilities (NS-SA-2021-0137)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has bind packages installed that are affected by multiple vulnerabilities: - A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, throu...

ICONICS GENESIS64 and Mitsubishi Electric MC Works64 OPC UA

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendors: ICONICS, Mitsubishi Electric Equipment: ICONICS GENESIS64, Mitsubishi Electric MC Works64 Vulnerability: Uncontrolled Recursion 2. RISK EVALUATION Successful exploitation of this vulnerability could...

ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is system availability...

ntfs-3g: Endless recursion from ntfs_attr_pwrite() triggered by an unallocated bitmap

The ntfs3g package is susceptible to a heap overflow on crafted input. When processing an NTFS image, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is system availability...

SUSE: Security Advisory (SUSE-SU-2021:14800-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2021:1294-1 Security update for libcroco

This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed recursion issue in block and any productions bsc1171685. This update was imported from the SUSE:SLE-15-SP2:Update update project...

Security update for libcroco (moderate)

openSUSE Security Update: Security update for libcroco Announcement ID: openSUSE-SU-2021:1294-1 Rating: moderate References: 1171685 Cross-References: CVE-2020-12825 CVSS scores: CVE-2020-12825 NVD : 7.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H CVE-2020-12825 SUSE: 2.8...

The vulnerability of the lyxml_parse_mem() function in the syntax analyzer and data modeling tool YANG Libyang, related to an uncontrolled recursion, allows attackers to cause service failures.

The vulnerability of the lyxmlparsemem function, a syntax analyzer and tool for data modeling in the YANG Libyang language, is related to an uncontrolled recursion in the lyxmlparseelem function. Exploiting this vulnerability could allow a malicious actor to cause service failures...

openSUSE: Security Advisory for libcroco (openSUSE-SU-2021:3123-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE SLES11 Security Update : libcroco (SUSE-SU-2021:14800-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2021:14800-1 advisory. - libcroco through 0.6.13 has excessive recursion in crparserparseanycore in cr-parser.c, leading to stack consumption. CVE-2020-12825 Note that Nessu...

SUSE SLED15 / SLES15 Security Update : libcroco (SUSE-SU-2021:3123-1)

The remote SUSE Linux SLED15 / SLES15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3123-1 advisory. - libcroco through 0.6.13 has excessive recursion in crparserparseanycore in cr-parser.c, leading to stack consumption. CVE-2020-12825 Note tha...

Cookiex-Deep 安全漏洞

Cookiex-Deep is a library. It is used to add object recursion to a target. Cookiex-Deep has a security vulnerability that can be exploited by an attacker to cause proto objects to contaminate global proto objects...

OPENSUSE-SU-2021:3123-1 Security update for libcroco

This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed recursion issue in block and any productions bsc1171685...

SUSE-SU-2021:3123-1 Security update for libcroco

This update for libcroco fixes the following issues: - CVE-2020-12825: Fixed recursion issue in block and any productions bsc1171685...