EulerOS 2.0 SP8 : php (EulerOS-SA-2023-3145)

According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, 8.2. before 8.2.7 when using SOAP HTTP Digest Authentication, random value generator was no...

EulerOS 2.0 SP10 : json-c (EulerOS-SA-2023-3216)

According to the versions of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary...

EulerOS Virtualization 2.10.0 : json-c (EulerOS-SA-2023-3472)

According to the versions of the json-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in...

EulerOS Virtualization 2.11.1 : json-c (EulerOS-SA-2023-3358)

According to the versions of the json-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in...

EulerOS 2.0 SP11 : json-c (EulerOS-SA-2023-3032)

According to the versions of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary...

EulerOS 2.0 SP11 : json-c (EulerOS-SA-2023-3009)

According to the versions of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary...

EulerOS Virtualization 3.0.6.0 : php (EulerOS-SA-2023-3445)

According to the versions of the php packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - In PHP versions 8.0. before 8.0.29, 8.1. before 8.1.20, 8.2. before 8.2.7 when using SOAP HTTP Digest Authentication, random value...

EulerOS Virtualization 2.10.1 : json-c (EulerOS-SA-2023-3500)

According to the versions of the json-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in...

EulerOS Virtualization 2.11.0 : json-c (EulerOS-SA-2023-3377)

According to the versions of the json-c package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in...

EulerOS 2.0 SP10 : json-c (EulerOS-SA-2023-3181)

According to the versions of the json-c package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in json-c from 20200420 post 0.14 unreleased code through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary...

The vulnerability of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8, which is part of the microprogramming software for TOTOLINK N350RT routers, allows a hacker to execute arbitrary code.

The vulnerability of the file /cgi-bin/cstecgi.cgi?action=login&flag=ie8 in the microprogramming software for TOTOLINK N350RT routers is related to buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS : Libspf2 vulnerabilities (USN-6584-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6584-1 advisory. Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system wer...

The vulnerability of the authentication function in the httpd API-AUTH Digest service of D-Link G416 microprogrammed router software allows a attacker to execute arbitrary code.

The vulnerability of the HTTP Digest authentication function in the httpd API-AUTH service of D-Link G416 microprogrammed router software is related to buffer overflow in the stack. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

squid34 security update

7:3.4.14-15.0.1 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847Orabug: 36053795...

squid security update

7:3.1.23-24.0.1 - Fix stack buffer overflow when parsing Digest Authorization CVE-2023-46847Orabug: 36053765...

OSV-2024-9 Stack-buffer-overflow in _canonicalize

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65635 Crash type: Stack-buffer-overflow READ Crash state: canonicalize ulocimpgetBaseName75 uresopenWithType...

PT-2024-40872 · Git +1 · Icu

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a stack-buffer-overflow read crash. The crash state involves several functions, including canonicalize, ulocimp getBaseName 75, a...

[SECURITY] [DLA 3709-1] squid security update

Debian LTS Advisory DLA-3709-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany January 09, 2024 https://wiki.debian.org/LTS Package : squid Version : 4.6-1+deb10u9 CVE ID : CVE-2023-46846 CVE-2023-46847 CVE-2023-49285 CVE-2023-49286 CVE-2023-50269 Debian Bug :...

CentOS 7 : firefox (RHSA-2023:4461)

The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4461 advisory. - Offscreen Canvas did not properly track cross-origin tainting, which could have been used to access image data from another site in violation of...

Fedora 39 : espeak-ng (2024-5661c87b25)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5661c87b25 advisory. Security fix for CVE-2023-49990, CVE-2023-49991, CVE-2023-49992, CVE-2023-49993, CVE-2023-49994. Tenable has extracted the preceding description blo...