ROS-20240619-03

A vulnerability in the userinfo URI subcomponent of the GNU Wget download manager is related to an insecure behavior whereby in which data that should be in the userinfo subcomponent is misinterpreted as being part of the host subcomponent. Exploitation of the vulnerability could allow an attacke...

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

CVE-2023-52472

A null pointer dereference flaw was found in mpialloc in the crypto rsa subcomponent in the Linux kernel...

Linux Kernel Denial of Service Vulnerability (CNVD-2023-71723)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A denial of service vulnerability exists in the Linux Kernel, which originates from a NULL pointer dereference flaw in vmxnet3rqcleanup in drivers/net/vmxnet3/vmxnet3drv.c in t...

Ubuntu 20.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6134-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6134-1 advisory. It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some...

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6071-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6071-1 advisory. It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some...

EulerOS 2.0 SP8 : kernel (EulerOS-SA-2023-1598)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw...

Ubuntu 16.04 ESM : Linux kernel (GCP) vulnerabilities (USN-6009-1)

The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6009-1 advisory. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use...

Ubuntu 18.04 LTS : Linux kernel (GCP) vulnerabilities (USN-5991-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5991-1 advisory. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use...

Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-5984-1)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5984-1 advisory. It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use...

CBL Mariner 2.0 Security Update: hyperv-daemons / kernel (CVE-2023-0394)

The version of hyperv-daemons / kernel installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0394 advisory. - A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2023-12196)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12196 advisory. - l2tp: Serialize access to skuserdata with skcallbacklock Jakub Sitnicki Orabug: 34951574 CVE-2022-4129 - wifi: rndiswlan: Prevent buffer overflo...

NULL Pointer Dereference

openssl is vulnerable to NULL Pointer Dereference. The vulnerability exists because there is a missing check network subcomponent in the Linux kernel, which later leads to invalid usage of the digest api most likely leading to a crash...

K33567812: Kernel vulnerabilities CVE-2017-12192 and CVE-2017-15274

Security Advisory Description CVE-2017-12192 The keyctlreadkey function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local users to cause a denial of...

SUSE CVE-2018-2813

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: DDL. Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

SUSE CVE-2019-2738

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server : Compiling. Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple...