5241 matches found

CNNVD
added 2021/07/18 12:0 a.m. · 3 views

uBlock security vulnerability

uBlock is an open source ad blocker. There is a security vulnerability in uBlock Origin that allows a carefully crafted website to cause a denial of service: infinite recursion can trigger memory consumption and loss of all blocking functionality...

CVSS 7.5 · AI score 7.2 · EPSS 0.01511
Exploits 1 · References 6

OpenVAS
added 2021/07/15 12:0 a.m. · 42 views

SUSE: Security Advisory (SUSE-SU-2021:2320-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 9.8 · AI score 8.2 · EPSS 0.09456
Exploits 3 · References 24

OSV
added 2021/07/14 3:1 p.m. · 21 views

SUSE-SU-2021:2320-1 Security update for sqlite3

This update for sqlite3 fixes the following issues: - Update to version 3.36.0 - CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization bsc1173641 - CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated...

CVSS 9.8 · AI score 7.2 · EPSS 0.09456
Exploits 3 · References 43

Positive Technologies
added 2021/07/13 12:0 a.m. · 2 views

PT-2021-21349 · Unknown +2 · Ublock Origin +2

Name of the Vulnerable Software and Affected Versions: uBlock Origin versions prior to 1.36.2; nMatrix versions prior to 4.4.9. Description: The issue allows crafted web sites to cause a denial of service due to unbounded recursion, which can trigger memory consumption and a loss of all blocking...

CVSS 7.5 · AI score 6.5 · EPSS 0.01511
Exploits 1 · References 20

BDU FSTEC
added 2021/07/13 12:0 a.m. · 1 views

The vulnerability of the Oniguruma regular expression library, related to an uncontrolled recursion, allows a hacker to trigger a service failure.

The vulnerability of the Oniguruma regular expression library is related to an uncontrolled recursion. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

CVSS 7.5 · AI score 6.5 · EPSS 0.00214
Exploits 1 · References 12 · Affected Software 4

OSV
added 2021/07/10 8:0 p.m. · 3 views

MGASA-2021-0333 Updated libcroco and gettext packages fix security vulnerability

libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption (CVE-2020-12825)...

CVSS 7.1 · AI score 6.8 · EPSS 0.04749
Exploits 1 · References 4

Mageia
added 2021/07/10 8:0 p.m. · 33 views

Updated libcroco and gettext packages fix security vulnerability

libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption (CVE-2020-12825)...

CVSS 7.1 · AI score 4.6 · EPSS 0.04749
Exploits 1 · References 3

NVD
added 2021/07/09 12:15 p.m. · 12 views

CVE-2021-36154

HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption...

CVSS 7.5 · EPSS 0.00846
Exploits 0 · References 3

OSV
added 2021/07/09 12:15 p.m. · 11 views

CVE-2021-36154

HTTP2ToRawGRPCServerCodec in gRPC Swift 1.1.1 and earlier allows remote attackers to deny service via the delivery of many small messages within a single HTTP/2 frame, leading to Uncontrolled Recursion and stack consumption...

CVSS 7.5 · AI score 6.9
Exploits 0 · References 3

CVE
added 2021/07/09 11:2 a.m. · 43 views

CVE-2021-36154

CVE-2021-36154 affects gRPC Swift up to version 1.1.1, where HTTP2ToRawGRPCServerCodec can mishandle multiple small messages in a single HTTP/2 frame, causing uncontrolled recursion and denial of service. Public advisories (GHSA-4RHQ-VQ24-88GW and OSV/Red Hat entries) confirm the issue and state ...

CVSS 7.5 · AI score 7.4 · EPSS 0.00846
Exploits 0 · References 3 · Affected Software 1

Tenable Nessus
added 2021/07/06 12:0 a.m. · 37 views

EulerOS Virtualization 3.0.2.2 : krb5 (EulerOS-SA-2021-2141)

According to the version of the krb5 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - MIT Kerberos 5 aka krb5 before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because...

CVSS 7.5 · AI score 7.5 · EPSS 0.00955
Exploits 0 · References 2

Tenable Nessus
added 2021/07/06 12:0 a.m. · 33 views

EulerOS Virtualization 3.0.2.2 : libcroco (EulerOS-SA-2021-2143)

According to the version of the libcroco package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption. (CVE-2020-12825)...

CVSS 7.1 · AI score 6.6 · EPSS 0.04749
Exploits 1 · References 2

OSV
added 2021/07/03 11:3 a.m. · 1 views

OESA-2021-1251 edk2 security update

EDK II is a modern, feature-rich, cross-platform firmware development environment for the UEFI and PI specifications. Security Fixes: An unlimited recursion in DxeCore in EDK II. (CVE-2021-28210)...

CVSS 7.8 · AI score 7 · EPSS 0.00118
Exploits 1 · References 2

Rosalinux
added 2021/07/02 5:32 p.m. · 30 views

Advisory ROSA-SA-2021-1926

Software: nasm 2.10.07 OS: Cobalt 7.9 CVE-ID: CVE-2018-1000667 CVE-Crit: MEDIUM CVE-DESC: NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains nasm memory corruption crash while processing a created file due to assemblyfile inname, independentptr function at asm / nasm.c: 482...

CVSS 7.8 · AI score 7.1 · EPSS 0.01508
Exploits 9

Rosalinux
added 2021/07/02 5:16 p.m. · 29 views

Advisory ROSA-SA-2021-1885

Software: libproxy 0.4.11 OS: Cobalt 7.9 CVE-ID: CVE-2020-25219 CVE-Crit: HIGH CVE-DESC: url::recvline in url.cpp in libproxy 0.4.x to 0.4.15 allows a remote HTTP server to run uncontrolled recursion through a response consisting of an infinite stream with no newline character. This results in...

CVSS 9.8 · AI score 7.5 · EPSS 0.00717
Exploits 1

Rosalinux
added 2021/07/02 5:11 p.m. · 25 views

Advisory ROSA-SA-2021-1865

Software: libcroco 0.6.12 OS: Cobalt 7.9 CVE-ID: CVE-2017-7960 CVE-Crit: MEDIUM CVE-DESC: The cr_input_new_from_uri function in cr-input.c in libcroco 0.6.11 and 0.6.12 allows remote attackers to cause a denial of service heap-based buffer re-read via a crafted CSS file. CVE-STATUS: default CVE-REV:...

CVSS 7.1 · AI score 7.1 · EPSS 0.04749
Exploits 7

Tenable Nessus
added 2021/07/02 12:0 a.m. · 30 views

EulerOS Virtualization for ARM 64 3.0.2.0 : libproxy (EulerOS-SA-2021-2073)

According to the version of the libproxy package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion...

CVSS 7.5 · AI score 7.2 · EPSS 0.00449
Exploits 1 · References 2

Mageia
added 2021/06/29 5:31 p.m. · 19 views

Updated re2c package fixes a security vulnerability

re2c before 2.0 has uncontrolled recursion that causes stack consumption in find_fixed_tags (CVE-2018-21232)...

CVSS 5.5 · AI score 4.9 · EPSS 0.00101
Exploits 1 · References 2

Tenable Nessus
added 2021/06/28 12:0 a.m. · 29 views

SUSE SLES12 Security Update : ovmf (SUSE-SU-2021:2117-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2117-1 advisory. - Null pointer dereference in Tianocore EDK2 may allow an authenticated user to potentially enable escalation of privilege via loca...

CVSS 7.8 · AI score 6.8 · EPSS 0.00118
Exploits 2 · References 11

Tenable Nessus
added 2021/06/28 12:0 a.m. · 38 views

SUSE SLES15 Security Update : ovmf (SUSE-SU-2021:2161-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:2161-1 advisory. - An unlimited recursion in DxeCore in EDK II. CVE-2021-28210 - A heap overflow in LzmaUefiDecompressGetInfo function in EDK II...

CVSS 7.8 · AI score 6.7 · EPSS 0.00118
Exploits 2 · References 8