Lucene search

1165 matches found

OpenVAS
added 2021/06/03 12:0 a.m., 7 views

Fedora: Security Advisory for rust-cranelift-entity (FEDORA-2021-432f4980b4)

The remote host is missing an update for the...

7.5 AI score
Exploits: 0, References: 2
RedHat Linux
added 2021/06/01 10:59 a.m., 64 views

Important: Red Hat Security Advisory: glib2 security update

An update for glib2 is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

7.5 CVSS, 7.2 AI score, 0.01091 EPSS
Exploits: 1, References: 2
Fedora
added 2021/05/31 1:5 a.m., 32 views

[SECURITY] Fedora 34 Update: rust-cranelift-entity-0.74.0-1.fc34

Data structures using entity references as mapping keys...

1.7 AI score
Exploits: 0
Prion
added 2021/05/21 3:15 p.m., 21 views

Heap overflow

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results fr...

5.8 CVSS, 9 AI score, 0.01035 EPSS
Exploits: 0, References: 5, Affected Software: 3
UbuntuCve
added 2021/05/21 3:15 p.m., 24 views

CVE-2021-31439

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results fr...

8.8 CVSS, 7.5 AI score, 0.01035 EPSS
Exploits: 0, References: 3
Cvelist
added 2021/05/21 12:0 a.m., 28 views

CVE-2021-31439

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results fr...

8.8 CVSS, 9.4 AI score, 0.01035 EPSS
Exploits: 0, References: 5
AlpineLinux
added 2021/05/21 12:0 a.m., 31 views

CVE-2021-31439

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of DSI structures in Netatalk. The issue results fr...

8.8 CVSS, 9.4 AI score, 0.01035 EPSS
Exploits: 0
BDU FSTEC
added 2021/05/19 12:0 a.m., 1 view

The vulnerability of the Magento Commerce software platform for developing and managing online stores stems from the lack of measures to protect SQL query structures, allowing attackers to gain unauthorized access to protected information.

The vulnerability of the Magento Commerce development and management software platform lies in the lack of measures to protect SQL query structures. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information by using administrator-level access rights...

9.1 CVSS, 7.6 AI score, 0.02071 EPSS
Exploits: 0, References: 3, Affected Software: 2
CNNVD
added 2021/05/17 12:0 a.m., 2 views

Liferay Portal security vulnerability

Liferay Portal is a J2EE-based portal solution from Liferay, Inc. The solution uses EJB, JMS and other technologies, and can be used for Web publishing and shared workspaces, enterprise collaboration platforms, social networks and so on. A security vulnerability exists in Liferay...

4.3 CVSS, 5.2 AI score, 0.00102 EPSS
Exploits: 0, References: 3
Fedora
added 2021/05/16 2:3 a.m., 89 views

[SECURITY] Fedora 34 Update: kernel-headers-5.11.20-300.fc34

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

7.2 CVSS, 7.8 AI score, 0.0346 EPSS
Exploits: 8
NVD
added 2021/05/07 12:15 p.m., 10 views

CVE-2020-14009

Proofpoint Enterprise Protection PPS/PoD before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. The vulnerability exists because messages with certain crafted and malformed multipa...

6.8 CVSS, 0.00089 EPSS
Exploits: 0, References: 2
Cvelist
added 2021/05/07 11:33 a.m., 12 views

CVE-2020-14009

Proofpoint Enterprise Protection PPS/PoD before 8.16.4 contains a vulnerability that could allow an attacker to deliver an email message with a malicious attachment that bypasses scanning and file-blocking rules. The vulnerability exists because messages with certain crafted and malformed multipa...

6.2 AI score, 0.00089 EPSS
Exploits: 0, References: 2
CVE
added 2021/05/07 11:33 a.m., 42 views

CVE-2020-14009

Affected product: Proofpoint Enterprise Protection (PPS/PoD) prior to version 8.16.4. Root cause: Messages with crafted/malformed multipart structures are not properly handled, enabling bypass of scanning and file-blocking rules. Impact: An attacker could deliver an email with a malicious attachm...

6.8 CVSS, 6.2 AI score, 0.00089 EPSS
Exploits: 0, References: 2, Affected Software: 1
Tenable Nessus
added 2021/05/04 12:0 a.m., 69 views

Oracle Linux 6 : kernel (ELSA-2021-9212)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9212 advisory. 2.6.32-754.35.1.0.3.OL6 - Fixes for RHSA-2021:1288 Orabug: 32809880 Tenable has extracted the preceding description block directly from the Oracle Linu...

7.8 CVSS, 6.7 AI score, 0.0059 EPSS
Exploits: 4, References: 5
Fedora
added 2021/04/16 2:44 p.m., 70 views

[SECURITY] Fedora 32 Update: kernel-headers-5.11.14-100.fc32

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

7.8 CVSS, 6.8 AI score, 0.02014 EPSS
Exploits: 3
Tenable Nessus
added 2021/04/15 12:0 a.m., 242 views

EulerOS Virtualization 2.9.0 : kernel (EulerOS-SA-2021-1751)

According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the...

7.8 CVSS, 6.8 AI score, 0.00335 EPSS
Exploits: 5, References: 13
OSV
added 2021/04/14 8:4 p.m., 31 views

GO-2020-0002

The Data, Context, or Key finalizers might run during or before GPGME operations. This will release the C structures that are still in use, leading to crashes and potentially code execution through a use-after-free...

4 AI score
Exploits: 0, References: 2
Tenable Nessus
added 2021/04/13 12:0 a.m., 65 views

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2021-9172)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2021-9172 advisory. - Xen/gnttab: handle p2m update errors on a per-slot basis Jan Beulich Orabug: 32651477 CVE-2021-28038 - scsi: iscsi: Verify lengths on passthrough PDU...

7.8 CVSS, 6.8 AI score, 0.00335 EPSS
Exploits: 3, References: 5
Tenable Nessus
added 2021/04/08 12:0 a.m., 50 views

SUSE SLES12 Security Update : kernel (SUSE-SU-2021:1074-1)

This update for the Linux Kernel 4.4.180-94141 fixes several issues. The following security issues were fixed : CVE-2021-27365: Fixed an issue where data structures did not have appropriate length constraints or checks, and could exceed the PAGESIZE value bsc1183491. CVE-2021-27363: Fixed a kerne...

7.8 CVSS, 6.5 AI score, 0.00393 EPSS
Exploits: 4, References: 19
Veracode
added 2021/04/07 9:16 a.m., 47 views

Privilege Escalation

kernel-rt is vulnerable to privilege escalation. The vulnerability exists because certain iSCSI data structures do not have appropriate length constraints or checks and can exceed the PAGESIZE value, which allows an unprivileged user to send a Netlink message that is associated with iSCSI, and has...

7.8 CVSS, 4 AI score, 0.00335 EPSS
Exploits: 1, References: 13, Affected Software: 6