EulerOS 2.0 SP10 : json-c (EulerOS-SA-2023-3216)
According to the versions of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary...
EulerOS Virtualization 2.10.1 : json-c (EulerOS-SA-2023-3500)
According to the versions of the json-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in...
EulerOS Virtualization 2.11.1 : json-c (EulerOS-SA-2023-3358)
According to the versions of the json-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in...
EulerOS 2.0 SP11 : json-c (EulerOS-SA-2023-3032)
According to the versions of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary...
EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2023-3445)
According to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In PHP versions 8.0.* before 8.0.29, 8.1.* before 8.1.20, 8.2.* before 8.2.7 when using SOAP HTTP Digest Authentication, random value...
EulerOS 2.0 SP11 : json-c (EulerOS-SA-2023-3009)
According to the versions of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary...
EulerOS Virtualization 2.11.0 : json-c (EulerOS-SA-2023-3377)
According to the versions of the json-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in...
EulerOS 2.0 SP10 : json-c (EulerOS-SA-2023-3181)
According to the versions of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary...
A vulnerability in the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8, which is part of the firmware for TOTOLINK N350RT routers, allows a hacker to execute arbitrary code.
The vulnerability in the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 in the firmware for TOTOLINK N350RT routers is a stack-based buffer overflow. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Libspf2 vulnerabilities (USN-6584-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6584-1 advisory. Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system wer...
A vulnerability in the authentication function of the httpd API-AUTH Digest service in D-Link G416 router firmware allows an attacker to execute arbitrary code.
The vulnerability in the HTTP Digest authentication function of the httpd API-AUTH service in D-Link G416 router firmware is a stack-based buffer overflow. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
squid34 security update
7:3.4.14-15.0.1 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847 Orabug: 36053795...
squid security update
7:3.1.23-24.0.1 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847 Orabug: 36053765...
OSV-2024-9 Stack-buffer-overflow in _canonicalize
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65635 Crash type: Stack-buffer-overflow READ Crash state: _canonicalize ulocimp_getBaseName_75 ures_openWithType...
PT-2024-40872 · Git +1 · Icu
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash state involves several functions, including canonicalize, ulocimp getBaseName 75, a...
[SECURITY] [DLA 3709-1] squid security update
Debian LTS Advisory DLA-3709-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 09, 2024 https://wiki.debian.org/LTS Package : squid Version : 4.6-1+deb10u9 CVE ID : CVE-2023-46846 CVE-2023-46847 CVE-2023-49285 CVE-2023-49286 CVE-2023-50269 Debian Bug :...
Fedora 39 : espeak-ng (2024-5661c87b25)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5661c87b25 advisory. Security fix for CVE-2023-49990, CVE-2023-49991, CVE-2023-49992, CVE-2023-49993, CVE-2023-49994. Tenable has extracted the preceding description blo...
CVE-2023-34325
This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...
CVE-2023-34325
CVE-2023-34325 concerns Xen’s copy of libfsimage (derived from grub) used by pygrub. A stack buffer overflow can be triggered by guest-controlled input when pygrub runs with superuser privileges in a privileged domain. Xen notes patches to run pygrub in deprivileged mode to avoid exploitation. CV...