Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : curl vulnerability (USN-6944-2)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6944-2 advisory. USN-6944-1 fixed CVE-2024-7264 for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. This update provides the corresponding fix fo...

Ubuntu: Security Advisory (USN-6944-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS : curl vulnerability (USN-6944-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6944-1 advisory. Dov Murik discovered that curl incorrectly handled parsing ASN.1 Generalized Time fields. A remote attacker could use this issue to cause...

USN-3430-3: Dnsmasq regression

USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem. We apologize for the inconvenience. Original advisory details: Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq...

USN-3441-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Daniel Stenberg discovered that curl incorrectly handled large floating point output. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute...

USN-3430-2: Dnsmasq vulnerabilities

USN-3430-1 fixed several vulnerabilities in Dnsmasq. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could...

Ubuntu 14.04 LTS / 16.04 LTS : Dnsmasq vulnerabilities (USN-3430-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3430-1 advisory. Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacke...

AIX 5.3 TL 12 : libxml2 (IV80617)

The remote AIX host has a version of libxml2 installed that is affected by the following vulnerabilities : - A heap-based buffer overflow condition exists in the xmlParseEntityDecl and xmlParseConditionalSections functions within file parser.c due to a failure to properly stop parsing invalid...

Design/Logic Flaw

The keycertify function in usr.bin/ssh/key.c in OpenSSH 5.6 and 5.7, when generating legacy certificates using the -t command-line option in ssh-keygen, does not initialize the nonce field, which might allow remote attackers to obtain sensitive stack memory contents or make it easier to conduct...

Out-of-bounds

oggparsevorbis.c in FFmpeg 0.5 does not properly perform certain pointer arithmetic, which might allow remote attackers to obtain sensitive memory contents and cause a denial of service via a crafted file that triggers an out-of-bounds read...

Design/Logic Flaw

Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a crafted bitmap BMP file, as demonstrated using a CANVAS element and JavaScript in an HTML document for copying these contents from 9.50 beta, a related issue to CVE-2008-0420...