336 matches found
CVE-2023-5077 vulnerabilities
Vulnerabilities for packages: k3d...
SUSE CVE-2023-4585
Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox 117, Firefox ESR...
IBM Sterling Connect:Express for UNIX 安全漏洞
IBM Sterling Connect:Express for UNIX is a file transfer solution from International Business Machines IBM for the UNIX platform. A security vulnerability exists in IBM Sterling Connect:Express for UNIX version 1.5, which stems from the vulnerability of the browser UI to cookies...
[SECURITY] Fedora 37 Update: kernel-6.3.7-100.fc37
The kernel meta package...
[SECURITY] Fedora 38 Update: xen-4.17.0-9.fc38
This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...
IBM AIX Command Execution Vulnerability
IBM AIX Advanced Interactive eXecutive is a UNIX operating system developed by IBM. IBM AIX has a command execution vulnerability that can be exploited by an attacker to execute arbitrary commands...
IBM DB2 安全漏洞
IBM DB2 is a relational database management system from International Business Machines IBM. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A code execution vulnerability exists in IBM DB2, which can be exploited by an attacker to cause...
SUSE CVE-2015-3240
The pluto IKE daemon in libreswan before 3.15 and Openswan before 2.6.45, when built with NSS, allows remote attackers to cause a denial of service assertion failure and daemon restart via a zero DH g^x value in a KE payload in a IKE packet...
IBM AIX 安全漏洞
IBM AIX is an open standards-based UNIX operating system developed by International Business Machines IBM for the IBM Power architecture. IBM AIX suffers from a denial-of-service vulnerability that can be exploited by unprivileged local attackers to cause a denial of service...
Mozilla: Symlinks may resolve to partially uninitialized buffers
The Mozilla Foundation Security Advisory describes this flaw as: When resolving a symlink such as file:///proc/self/fd/1, an error message may be produced where the symlink was resolved to a string containing unitialized memory in the buffer...
Important: mingw-zlib security update
The zlib packages provide a general-purpose lossless data compression library that is used by many different programs. Security Fixes: zlib: A flaw found in zlib when compressing not decompressing certain inputs CVE-2018-25032 For more details about the security issues, including the impact, a CV...
Oracle Solaris Denial of Service Vulnerability (CNVD-2022-54630)
Oracle Solaris is a UNIX operating system from Oracle. A denial of service vulnerability exists in the SMB Server component of Oracle Solaris 11. An attacker could exploit this vulnerability to corrupt Oracle Solaris and cause Oracle Solaris to hang or crash frequently and repeatedly a complete...
Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: fget: check that the fd still exists after getting a ref to it CVE-2021-4083 kernel: avoid cyclic entity chains due to malformed USB descriptors CVE-2020-0404 kernel: speculation on...
subscription-manager bug fix and enhancement update
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...
Appneta Tcpreplay 安全漏洞
Appneta Tcpreplay is a suite of open source utilities for editing and replaying network traffic on UNIX-based operating systems from Appneta, Inc. A security vulnerability exists in Appneta Tcpreplay version 4.4.1, which stems from a memory leak in the fixipv6checksums function that affects data...
Oracle Solaris Denial of Service Vulnerability (CNVD-2022-31682)
Oracle Solaris is a UNIX operating system from Oracle. A security vulnerability exists in Oracle Systems' Oracle Solaris product component: kernel that could allow a low-privileged attacker to compromise Oracle Solaris by logging on to the infrastructure that executes Oracle Solaris.The...
Oracle Solaris has an unspecified vulnerability (CNVD-2022-31849)
Oracle Solaris is a UNIX operating system from Oracle Systems, Inc. A security vulnerability in Oracle Solaris allows a highly privileged attacker to compromise Oracle Solaris by logging into the infrastructure where Oracle Solaris is executed. A successful attack requires human interaction from...
Important: Red Hat Security Advisory: kernel security update
An update for kernel is now available for Red Hat Enterprise Linux 7.3 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CVE-2022-25484
tcpprep v4.4.1 has a reachable assertion assertl2len 0 in packet2tree at tree.c in tcpprep v4.4.1...
IBM AIX 输入验证错误漏洞
IBM AIX is an open standards-based UNIX operating system developed by IBM for the IBM Power architecture. IBM AIX has an input validation error vulnerability, which stems from a problem with CAA/Kernel and can be exploited by an attacker to trigger a denial of service...