The vulnerability of Xen hypervisors, caused by uncontrolled recursion, allows attackers to trigger an emergency shutdown of the application.

The vulnerability of the Xen hypervisor is caused by an uncontrolled recursion. Exploiting this vulnerability can allow an attacker to cause the application to terminate abnormally...

SUSE-SU-2021:2117-1 Security update for ovmf

This update for ovmf fixes the following issues: - Fixed a possible buffer overflow in IScsiDxe bsc1186151 - CVE-2021-28211: ovmf: edk2: possible heap corruption with LzmaUefiDecompressGetInfo bsc1183578 - CVE-2021-28210: ovmf: unlimited FV recursion, round 2 bsc1183579 - CVE-2019-14584: ovmf,shi...

DEBIAN-CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

CVE-2021-28210

An unlimited recursion in DxeCore in EDK II...

CVE-2021-28210

CVE-2021-28210 corresponds to an unlimited recursion vulnerability in the DxeCore component of EDK II. Affects EDK II implementations (DxeCore) across multiple platforms as cited in connected advisories (AstraLinux, EulerOS, Red Hat, SUSE, Ubuntu, etc.). The NVD data indicates a CVSS v3.1 base sc...

krb5 security update

1.15.1-50.0.1 - Add recursion limit for ASN.1 indefinite lengths Orabug: 32582360...

SUSE-SU-2021:1951-1 Security update for salt

This update for salt fixes the following issues: - Check if dpkgnotify is executable bsc1186674 - Update to Salt release version 3002.2 jscECO-3212, jscSLE-18033, jscSLE-18028 - Drop support for Python2. Obsoletes python2-salt package jscSLE-18028 - Fix issue parsing errors in ansiblegate state...

Oracle Linux 7 : krb5 (ELSA-2021-9294)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2021-9294 advisory. 1.15.1-50.0.1 - Add recursion limit for ASN.1 indefinite lengths Orabug: 32582360 Tenable has extracted the preceding description block directly from the Oracle...

SUSE: Security Advisory (SUSE-SU-2018:0395-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2015:0488-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:1321-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:3377-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:0761-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2014:0759-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:0972-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

krb5: unbounded recursion via an ASN.1-encoded Kerberos message in lib/krb5/asn.1/asn1_encode.c may lead to DoS

A flaw was found in krb5. MIT Kerberos 5 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1encode.c support for BER indefinite lengths lacks a recursion limit...

Unspecified vulnerability in PoDoFo (CNVD-2021-43538)

PoDoFo is a free, portable and easy to use PDF parsing, modification and creation library. An uncontrolled recursive call vulnerability exists in the PdfTokenizer::ReadArray, PdfTokenizer::GetNextVariant and PdfTokenizer::ReadDataType functions in PoDoFo version 0.9.7. An attacker could exploit...