8440 matches found

RedHat Linux
added 2021/03/04 3:24 p.m., 113 views

Critical: Red Hat Security Advisory: java-1.7.1-ibm security update

An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...

CVSS 9.8, AI score 6.9, EPSS 0.00727
Exploits: 0, References: 3

Tenable Nessus
added 2021/03/04 12:0 a.m., 56 views

EulerOS Virtualization for ARM 64 3.0.6.0 : glibc (EulerOS-SA-2021-1537)

According to the versions of the glibc packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in glibc. If an attacker provides the iconv function with invalid multi-byte input sequences in IBM136...

CVSS 7.5, AI score 6.9, EPSS 0.00805
Exploits: 2, References: 5

Tenable Nessus
added 2021/03/04 12:0 a.m., 41 views

RHEL 7 : java-1.7.1-ibm (RHSA-2021:0733)

The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0733 advisory. IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IB...

CVSS 9.8, AI score 7, EPSS 0.00727
Exploits: 0, References: 7

Tenable Nessus
added 2021/03/03 12:0 a.m., 43 views

SUSE SLES12 Security Update : grub2 (SUSE-SU-2021:0682-1)

This update for grub2 fixes the following issues : grub2 now implements the new 'SBAT' method for SHIM based secure boot revocation. bsc1182057 Following security issues are fixed that can violate secure boot constraints : CVE-2020-25632: Fixed a use-after-free in rmmod command bsc1176711...

CVSS 8.2, AI score 7.3, EPSS 0.01451
Exploits: 0, References: 23

OpenVAS
added 2021/03/02 12:0 a.m., 23 views

D-Link DAP-2020 <= 1.01 Multiple Vulnerabilities - Active Check

D-Link DAP-2020 devices are prone to multiple vulnerabilities.

CVSS 8.8, AI score 7.7, EPSS 0.72718
Exploits: 0, References: 4

Tenable Nessus
added 2021/03/02 12:0 a.m., 105 views

SUSE SLES15 Security Update : java-1_8_0-ibm (SUSE-SU-2021:0670-1)

This update for java-1_8_0-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 25 bsc1182186, bsc1181239, CVE-2020-27221, CVE-2020-14803 - CVE-2020-27221: Potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8...

CVSS 9.8, AI score 6.5, EPSS 0.00727
Exploits: 0, References: 7

Tenable Nessus
added 2021/03/01 12:0 a.m., 40 views

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2021:0652-1)

This update for java-1_8_0-ibm fixes the following issues : Update to Java 8.0 Service Refresh 6 Fix Pack 25 bsc1182186, bsc1181239, CVE-2020-27221, CVE-2020-14803 - CVE-2020-27221: Potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8...

CVSS 9.8, AI score 6.5, EPSS 0.00727
Exploits: 0, References: 7

OSV
added 2021/02/26 10:15 p.m., 21 views

CVE-2021-26567

Stack-based buffer overflow vulnerability in frontend/main.c in faad2 before 2.2.7.1 allows local attackers to execute arbitrary code via filename and pathname options...

CVSS 7.8, AI score 8.1
Exploits: 0, References: 2

NVD
added 2021/02/26 10:15 p.m., 10 views

CVE-2021-27799

ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generator library code...

CVSS 7.5, EPSS 0.01012
Exploits: 1, References: 5

UbuntuCve
added 2021/02/26 10:15 p.m., 23 views

CVE-2021-27799

ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generator library code...

CVSS 7.5, AI score 7.4, EPSS 0.01012
Exploits: 1, References: 6

CVE
added 2021/02/26 9:45 p.m., 93 views

CVE-2021-26567

Summary: CVE-2021-26567 is a stack-based buffer overflow in the FAAD2 decoder (frontend/main.c) of faad2 prior to 2.2.7.1. The vulnerability allows a local attacker to execute arbitrary code via crafted filename and pathname options. Affected context is mainly Synology DiskStation Manager (faad2 ...

CVSS 7.8, AI score 8.6, EPSS 0.01128
Exploits: 0, References: 2, Affected Software: 1

Debian CVE
added 2021/02/26 9:31 p.m., 27 views

CVE-2021-27799

ean_leading_zeroes in backend/upcean.c in Zint Barcode Generator 2.9.1 has a stack-based buffer overflow that is reachable from the C API through an application that includes the Zint Barcode Generator library code...

CVSS 7.5, AI score 3.1, EPSS 0.01012
Exploits: 1

ICS
added 2021/02/25 12:0 a.m., 36 views

FATEK Automation FvDesigner

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low skill level to exploit Vendor: FATEK Automation Equipment: FvDesigner Vulnerabilities: Use After Free, Access of Uninitialized Pointer, Stack-based Buffer Overflow, Out-of-Bounds Write, Out-of-Bounds Read 2. RISK EVALUATION Successful exploitation...

CVSS 7.8, AI score 8.5, EPSS 0.00443
Exploits: 0, References: 5

Debian CVE
added 2021/02/24 3:58 p.m., 22 views

CVE-2020-28599

A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability...

CVSS 8.8, AI score 8.4, EPSS 0.01358
Exploits: 1

Zero Day Initiative
added 2021/02/24 12:0 a.m., 30 views

Siemens JT2Go PAR File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Siemens JT2Go. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PAR...

CVSS 7.8, AI score 5.6, EPSS 0.00178
Exploits: 0, References: 2

OpenVAS
added 2021/02/22 12:0 a.m., 25 views

Huawei EulerOS: Security Advisory for openjpeg (EulerOS-SA-2021-1336)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 8.7, EPSS 0.05391
Exploits: 0, References: 2

Tenable Nessus
added 2021/02/22 12:0 a.m., 32 views

EulerOS 2.0 SP2 : openjpeg (EulerOS-SA-2021-1336)

According to the versions of the openjpeg package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An invalid write access was discovered in bin/jp2/convert.c in OpenJPEG 2.2.0, triggering a crash in the tgatoimage function. The vulnerability...

CVSS 9.8, AI score 7.7, EPSS 0.05391
Exploits: 0, References: 4

Tenable Nessus
added 2021/02/22 12:0 a.m., 39 views

EulerOS 2.0 SP2 : poppler (EulerOS-SA-2021-1347)

According to the versions of the poppler packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Poppler 0.74.0 has a heap-based buffer over-read in the CairoRescaleBox.cc downsample_row_box_filter function. CVE-2019-9631 - In Poppler through...

CVSS 9.8, AI score 7, EPSS 0.02178
Exploits: 1, References: 7

OpenVAS
added 2021/02/22 12:0 a.m., 23 views

Huawei EulerOS: Security Advisory for sox (EulerOS-SA-2021-1359)

The remote host is missing an update for the Huawei EulerOS...

CVSS 5.5, AI score 6.2, EPSS 0.0373
Exploits: 11, References: 2

NVD
added 2021/02/19 8:15 p.m., 12 views

CVE-2021-26713

A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before 16.8-cert6 allows an authenticated WebRTC client to cause an Asterisk crash by sending multiple hold/unhold requests in quick succession...

CVSS 6.5, EPSS 0.00128
Exploits: 0, References: 3