6725 matches found
EulerOS 2.0 SP11 : json-c (EulerOS-SA-2023-3009)
According to the versions of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary...
EulerOS Virtualization 2.10.1 : json-c (EulerOS-SA-2023-3500)
According to the versions of the json-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in...
EulerOS Virtualization 2.11.1 : json-c (EulerOS-SA-2023-3358)
According to the versions of the json-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in...
EulerOS 2.0 SP11 : json-c (EulerOS-SA-2023-3032)
According to the versions of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary...
EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2023-3445)
According to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value...
EulerOS Virtualization 2.11.0 : json-c (EulerOS-SA-2023-3377)
According to the versions of the json-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in...
EulerOS 2.0 SP10 : json-c (EulerOS-SA-2023-3181)
According to the versions of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Libspf2 vulnerabilities (USN-6584-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6584-1 advisory. Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system wer...
squid34 security update
7:3.4.14-15.0.1 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847 Orabug: 36053795...
squid security update
7:3.1.23-24.0.1 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847 Orabug: 36053765...
OSV-2024-9 Stack-buffer-overflow in _canonicalize
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65635 Crash type: Stack-buffer-overflow READ Crash state: _canonicalize ulocimp_getBaseName_75 ures_openWithType...
PT-2024-40872 · Git +1 · Icu
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash state involves several functions, including canonicalize, ulocimp getBaseName 75, a...
[SECURITY] [DLA 3709-1] squid security update
Debian LTS Advisory DLA-3709-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 09, 2024 https://wiki.debian.org/LTS Package : squid Version : 4.6-1+deb10u9 CVE ID : CVE-2023-46846 CVE-2023-46847 CVE-2023-49285 CVE-2023-49286 CVE-2023-50269 Debian Bug :...
CentOS 7 : firefox (RHSA-2023:4461)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4461 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...
Fedora 39 : espeak-ng (2024-5661c87b25)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5661c87b25 advisory. Security fix for CVE-2023-49990, CVE-2023-49991, CVE-2023-49992, CVE-2023-49993, CVE-2023-49994. Tenable has extracted the preceding description blo...
CVE-2023-34325
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...
CVE-2023-34325
CVE-2023-34325 concerns Xen’s copy of libfsimage (derived from grub) used by pygrub. A stack buffer overflow can be triggered by guest-controlled input when pygrub runs with superuser privileges in a privileged domain. Xen notes patches to run pygrub in deprivileged mode to avoid exploitation. CV...
CVE-2023-34325 Multiple vulnerabilities in libfsimage disk handling
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...