Amazon Linux 2 : php (ALASPHP8.0-2023-009)

The version of php installed on the remote host is prior to 8.0.30-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.0-2023-009 advisory. GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP NOTE: Fixe...

Amazon Linux 2 : php (ALASPHP8.2-2023-002)

The version of php installed on the remote host is prior to 8.2.9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.2-2023-002 advisory. GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP NOTE: Fixed...

The vulnerability of the CNCSoft-B numerical control software and the DOPSoft software, caused by buffer overflow in the stack, allows a hacker to execute arbitrary code.

The vulnerability of the CNCSoft-B numerical control software and the DOPSoft software is caused by buffer overflow in the stack. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

The vulnerability of D-Link DIR-868L router’s microprogramming software arises from buffer overflow on the stack, allowing an attacker to trigger a buffer overflow.

The vulnerability of the D-Link DIR-868L router’s microprogramming software arises from buffer overflow on the stack. Exploiting this vulnerability allows a remote attacker to trigger a buffer overflow...

Amazon Linux 2 : php (ALASPHP8.1-2023-004)

The version of php installed on the remote host is prior to 8.1.22-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2PHP8.1-2023-004 advisory. GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP NOTE: Fixe...

Advisory ROSA-SA-2023-2232

Software: firefox 102.14.0 OS: rosa-server79 packageevrstring: firefox-102.14.0-3.res7.x8664.rpm CVE-ID: CVE-2023-3417 BDU-ID: 2023-03965 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Thunderbird email client exists due to improper handling of the Unicode character for overriding text directio...

Siemens JT2GO 安全漏洞

Siemens Teamcenter Visualization is a software that provides teamwork capabilities for designing 2D and 3D scenarios.Siemens JT2GO is a JT file viewer. A stack buffer overflow vulnerability exists in Siemens Teamcenter Visualization and JT2Go, which can be exploited by an attacker to execute code...

The vulnerability of the DDP microprogramming software-based wireless access points from D-Link, model DAP-2622, allows a intruder to execute any arbitrary code.

The vulnerability of the DDP microprogramming software-based wireless access points from D-Link, such as the DAP-2622, is related to buffer overflow in the stack. Exploiting this vulnerability could allow an attacker operating remotely to execute arbitrary code...

Amazon Linux 2023 : php8.2, php8.2-bcmath, php8.2-cli (ALAS2023-2023-324)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-324 advisory. In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8 various XML functions rely on libxml global state to track configuration variables, like whether external entities...

Oracle Linux 7 : qemu (ELSA-2018-4262)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-4262 advisory. - net: ignore packet size greater than INTMAX Jason Wang Orabug: 28762625 CVE-2018-17963 - pcnet: fix possible buffer overflow Jason Wang Orabug:...

Medium: ruby20

Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A stack out-of-bounds read occurs in matchat during regular expression searching. A logical error involving order of validation and access in matchat could...

The vulnerability of the fax3encode function in the LibTIFF library, which allows a hacker to trigger a service failure.

The vulnerability of the fax3encode function in the LibTIFF library arises from buffer overflows in the stack. Exploiting this vulnerability could allow a malicious actor to cause a service failure...

The vulnerability of the rotateimage() function in the LibTIFF library allows a attacker to cause a service failure.

The vulnerability of the rotateimage function in the LibTIFF library arises due to buffer overflow on the stack. Exploiting this vulnerability could allow an attacker to cause a service failure...

The vulnerability of the uv_encode() function in the LibTIFF library, caused by buffer overflows in the stack, allows attackers to trigger a service denial.

The vulnerability of the uvencode function in the LibTIFF library arises due to buffer overflow on the stack. Exploiting this vulnerability could allow an attacker to cause a service failure...

OSV-2023-797 Stack-buffer-overflow in QBuffer::readData

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62075 Crash type: Stack-buffer-overflow WRITE Crash state: QBuffer::readData QIODevicePrivate::read QDataStream::readRawData...

SUSE SLES15: apache2-mod_php8 / php8 / php8-bcmath / php8-bz2 / php8-calendar / etc (SUSE-SU-2023:3528-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3528-1 advisory. - CVE-2023-3823: Fixed an issue with external entity loading in XML without enabling it. bsc1214106 - CVE-2023-3824:...

Debian dla-3556 : aom-tools - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3556 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3556-1 [email protected]...

Debian dla-3555 : libapache2-mod-php7.3 - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3555 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3555-1 [email protected]...

Debian DSA-5490-1 : aom - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5490 advisory. - AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1dxiface.c. CVE-2020-36130 - AOM v2.0.1 was discovered to contain a stac...

[SECURITY] [DLA 3555-1] php7.3 security update

Debian LTS Advisory DLA-3555-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin September 05, 2023 https://wiki.debian.org/LTS Package : php7.3 Version : 7.3.31-1deb10u5 CVE ID : CVE-2023-3823 CVE-2023-3824 Security issues were found in PHP, a widely-used open sourc...