6890 matches found
PHP < 7.3.29 Multiple Vulnerabilities (Jul 2021) - Windows
PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
EulerOS Virtualization for ARM 64 3.0.6.0 : grub2 (EulerOS-SA-2021-2001)
According to the versions of the grub2 packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length...
EulerOS Virtualization for ARM 64 3.0.6.0 : cairo (EulerOS-SA-2021-2017)
According to the version of the cairo packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provi...
fwupd security update
An update is available for fwupd. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The fwupd packages provide a service that allows session software to update...
Huawei EulerOS: Security Advisory for cairo (EulerOS-SA-2021-1977)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : cairo (EulerOS-SA-2021-1977)
According to the version of the cairo packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to...
PT-2021-7709 · Libde265 +3
Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.8 Description: A stack-buffer-overflow issue exists in the libde265 video codec, specifically in the put_epel_hv_fallback function of the fallback-motion.cc component. This can be exploited by a remote attacker to cause a...
The vulnerability of the CODESYS V2.3 web server component of the CODESYS industrial automation software suite allows a perpetrator to trigger a service failure.
The vulnerability of the CODESYS V2.3 web server component of the industrial automation software suite arises due to an overflow in the buffer on the stack. Exploiting this vulnerability could allow a malicious actor to cause a service failure...
SerenityOS stack buffer overflow vulnerability (CNVD-2021-44280)
SerenityOS is a graphical Unix-like operating system for x86 computers. A stack buffer overflow vulnerability exists in the set_range test in TestBitmap in SerenityOS. An attacker can exploit this vulnerability to obtain sensitive information...
SerenityOS stack buffer overflow vulnerability (CNVD-2021-44281)
SerenityOS is a graphical Unix-like operating system for x86 computers. A stack buffer overflow vulnerability exists in test-crypto.cpp in SerenityOS, which can be exploited by an attacker to obtain sensitive information...
CVE-2021-33186
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information...
Stack overflow
SerenityOS in test-crypto.cpp contains a stack buffer overflow which could allow attackers to obtain sensitive information...
CVE-2021-33186
CVE-2021-33186 relates to SerenityOS and specifically a vulnerability in the file/test-crypto.cpp where a stack buffer overflow is reported. The NVD entry notes potential disclosure of sensitive information as the impact. The CVSS data shows a CVSS v3.1 base score of 7.5 (HIGH) with network attac...
Ubuntu 18.04 LTS / 20.04 LTS : GRUB 2 vulnerabilities (USN-4992-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4992-1 advisory. Mt Kukri discovered that the acpi command in GRUB 2 allowed privileged users to load crafted ACPI tables when secure boot is enabled. An...
VulnCheck KEV: CVE-2017-1000253
Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_binary that allows a local attacker to escalate privileges...
Trojan.Win32.Alien.erf Buffer Overflow
Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/57ab194d8c60ee97914eda22e4d71b68B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan.Win32.Alien.erf Vulnerability: Remote Stack Buffer Overflow Description: The malware deploys...
[ASA-202106-44] connman: arbitrary code execution
Arch Linux Security Advisory ASA-202106-44 ========================================== Severity: High Date : 2021-06-16 CVE-ID : CVE-2021-33833 Package : connman Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-2055 Summary ======= The package connman before...
CVE-2021-22898
curl 7.7 through 7.76.1 suffers from an information disclosure when the -t command line option, known as CURLOPT_TELNETOPTIONS in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on...
CVE-2021-22898
CVE-2021-22898 affects curl before the patch levels that fix TELNET option handling. Specifically, curl 7.7–7.76.1 could disclose information when using the -t option (CURLOPT_TELNETOPTIONS) to send NEW_ENV variables due to a flaw in the option parser that passes uninitialized data from a stack b...