AlmaLinux 9 : fribidi (ALSA-2022:8011)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8011 advisory. - A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi...

CVE-2022-34667

NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which m...

CVE-2022-34667

CVE-2022-34667 affects the NVIDIA CUDA Toolkit SDK, specifically the cuobjdump component, due to a stack-based buffer overflow . An unprivileged local attacker could trigger this by convincing a user to download a crafted file and run cuobjdump locally, potentially causing a limited denial of ser...

RHEL 9 : fribidi (RHSA-2022:8011)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8011 advisory. FriBidi is a library to handle bidirectional scripts for example Hebrew, Arabic, so that the display is done in the proper way, while the te...

Synology DiskStation Manager (DSM) 6.2.x < 6.2.3-25426-3 Multiple Vulnerabilities (Synology-SA-20:26) - Remote Known Vulnerable Versions Check

Synology DiskStation Manager DSM is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

fribidi security update

An update is available for fribidi. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list FriBidi is a library to handle bidirectional scripts for example Hebrew,...

Ubuntu 16.04 ESM : Vim vulnerabilities (USN-5723-1)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5723-1 advisory. It was discovered that Vim could be made to crash when searching specially crafted patterns. An attacker could possibly use this to crash Vim and cause...

Debian dla-3182 : vim - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3182 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3182-1 [email protected]...

Stack overflow

Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces:Re-use of dangling pointer which refers to overwritte...

CVE-2022-41211

The CVE-2022-41211 issue concerns SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, specifically in the parsing of DST files. Connected sources describe a Use-After-Free vulnerability in DST file parsing that can lead to Remote Code Execution. Exploitation typically requires us...

Siemens Teamcenter Visualization and JT2Go

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

Amazon Linux 2022 : cifs-utils, cifs-utils-devel, cifs-utils-info (ALAS2022-2022-204)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-204 advisory. A stack-based buffer overflow issue was found in pifs-utils. Parsing the mount.cifs ip command-line argument can lead to local attackers gaining root privileges. CVE-2022-27239 A flaw was found...

D-Link DIR-1935 HNAP_AUTH Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of Login requests to the web management portal. When...

D-Link DIR-1935 SOAPAction Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of http requests to the web management portal. When parsi...

SUSE SLED15: hdf5-gnu-hpc / hdf5-gnu-hpc-devel / hdf5-gnu-mpich-hpc / etc (SUSE-SU-2022:3829-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3829-1 advisory. - CVE-2021-46244: Fixed division by zero leading to DoS bsc1195215. - CVE-2018-13867: Fixed out ...

SUSE SLES15: hdf5-gnu-hpc / hdf5-gnu-hpc-devel / hdf5-gnu-mpich-hpc / etc (SUSE-SU-2022:3826-1)

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3826-1 advisory. - CVE-2021-46244: Fixed division by zero leading to DoS bsc1195215. - CVE-2018-13867: Fixed out of bounds read in the function H5Faccumread in...

EulerOS 2.0 SP3 : vim (EulerOS-SA-2022-2639)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Use after free in appendcommand in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protecti...

Huawei EulerOS: Security Advisory for cifs-utils (EulerOS-SA-2022-2602)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Stack overflow

Advantech R-SeeNet Versions 2.4.17 and prior are vulnerable to a stack-based buffer overflow. An unauthorized attacker can use an outsized filename to overflow the stack buffer and enable remote code execution...

EulerOS 2.0 SP3 : cifs-utils (EulerOS-SA-2022-2602)

According to the versions of the cifs-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers...