AZL-32270 CVE-2023-7008 affecting package systemd for versions less than 250.3-22

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records...

DEBIAN-CVE-2023-7008

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records...

AZL-32271 CVE-2023-7008 affecting package systemd-bootstrap for versions less than 250.3-13

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records...

UBUNTU-CVE-2023-7008

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records...

CVE-2023-7008 Systemd-resolved: unsigned name response in signed zone is not refused when dnssec=yes

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records...

SUSE CVE-2023-7008

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles or the upstream DNS resolver to manipulate records...

Huawei EulerOS: Security Advisory for protobuf-c (EulerOS-SA-2023-3447)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PHOENIX CONTACT PLCnext Engineer and PLCnext Control Devices Security Vulnerability

PHOENIX CONTACT PLCnext Engineer and PHOENIX CONTACT PLCnext Control Devices are both products of PHOENIX CONTACT, Germany. PHOENIX CONTACT PLCnext Engineer is an engineering software platform for automation controllers and PHOENIX CONTACT PLCnext Control Devices are programmable logic controller...

The vulnerability of the graphics driver of AMD Radeon microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the graphics driver of AMD Radeon microprogramming software is related to incorrect verification of the cryptographic signature. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2023-48025

Liblisp through commit 4c65969 was discovered to contain a out-of-bounds-read vulnerability in unsigned getlengthlispcellt x at eval.c...

Out-of-bounds

Liblisp through commit 4c65969 was discovered to contain a out-of-bounds-read vulnerability in unsigned getlengthlispcellt x at eval.c...

Oracle Linux 9 : protobuf-c (ELSA-2023-6621)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6621 advisory. 1.3.3-13 - Applied patch for for CVE-2022-48468 2186677 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

CVE-2023-20568

Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code execution...

nodejs: path traversal through path stored in Uint8Array

Various node:fs functions allow specifying paths as either strings or Uint8Array objects. In Node.js environments, the Buffer class extends the Uint8Array class. Node.js prevents path traversal through strings see CVE-2023-30584 and Buffer objects see CVE-2023-32004, but not through non-Buffer...

protobuf-c: unsigned integer overflow in parse_required_member

A vulnerability was found in protobuf-c. This security flaw leads to an unsigned integer overflow in parserequiredmember...

Moderate: Red Hat Security Advisory: protobuf-c security update

An update for protobuf-c is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

PT-2023-7302 · Amd · Radeon Rx Vega M Graphics Driver

Name of the Vulnerable Software and Affected Versions: RadeonTM RX Vega M Graphics driver for Windows affected versions not specified Description: The issue is related to improper signature verification of the RadeonTM RX Vega M Graphics driver for Windows. This may allow an attacker with admin...

ALSA-2023:6944 Moderate: protobuf-c security update

The protobuf-c packages provide C bindings for Google's Protocol Buffers. Security Fixes: protobuf-c: unsigned integer overflow in parserequiredmember CVE-2022-48468 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, ref...

CentOS 8 : protobuf-c (CESA-2023:6944)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:6944 advisory. - protobuf-c before 1.4.1 has an unsigned integer overflow in parserequiredmember. CVE-2022-48468 Note that Nessus has not tested for this issue but has instead...

RHEL 8 : protobuf-c (RHSA-2023:6944)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6944 advisory. The protobuf-c packages provide C bindings for Google's Protocol Buffers. Security Fixes: protobuf-c: unsigned integer overflow in parserequiredmembe...