249 matches found
Alibaba Cloud Linux 3 : 0282: gstreamer1-plugins-good (ALINUX3-SA-2024:0282)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0282 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-47537: GStreamer is a library for...
rsync: Info Leak via Uninitialized Stack Contents
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
CVE-2025-27810
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...
UBUNTU-CVE-2025-27810
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...
Mbed TLS 安全漏洞
Mbed TLS is an open source, portable, easy to use, readable and flexible SSL library from Mbed TLS Open Source. A security vulnerability exists in Mbed TLS versions prior to 2.28.10 and 3.x versions prior to 3.6.3, which stems from the use of uninitialized stack memory under certain circumstances...
CVE-2025-27810
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...
CVE-2025-27810
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...
CVE-2025-27810
Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays...
CVE-2025-21835
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: fmidi: fix MIDI Streaming descriptor lengths While the MIDI jacks are configured correctly, and the MIDIStreaming endpoint descriptors are filled with the correct information, bNumEmbMIDIJack and bLength are set...
Linux Distros Unpatched Vulnerability : CVE-2023-52452
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory ever since 6715df8d5 but, before this...
Important: Red Hat Security Advisory: Logging for Red Hat OpenShift - 5.8.17
Logging for Red Hat OpenShift - 5.8.17 Logging for Red Hat OpenShift - 5.8.17 cluster-logging-operator-container: Info Leak via Uninitialized Stack Contents openshift-logging-5.8...
Important: gstreamer1-plugins-good
Issue Overview: GStreamer is a library for constructing graphs of media-handling components. The program attempts to reallocate the memory pointed to by stream-samples to accommodate stream-nsamples + samplescount elements of type QtDemuxSample. The problem is that samplescount is read from the...
rsync: Info Leak via Uninitialized Stack Contents
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service. Red Hat Product Security has rated this update as...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 8 : rsync (RHSA-2025:0790)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0790 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only...
Important: Red Hat Security Advisory: rsync security update
An update for rsync is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 9 : rsync (RHSA-2025:0688)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0688 advisory. The rsync utility enables the users to copy and synchronize files locally or across a network. Synchronization with rsync is fast because rsync only...