13007 matches found
EulerOS Virtualization 2.10.0 : libxml2 (EulerOS-SA-2024-1987)
According to the versions of the libxml2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation...
EulerOS Virtualization 2.10.1 : python-pycryptodome (EulerOS-SA-2024-2010)
According to the versions of the python-pycryptodome package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploitable for a Manger...
EulerOS Virtualization 2.10.1 : ncurses (EulerOS-SA-2024-2006)
According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/libtermcap.c.CVE-2023-45918 Tenable has extracted the...
EulerOS Virtualization 2.10.0 : unbound (EulerOS-SA-2024-1994)
According to the versions of the unbound packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The Closest Encloser Proof aspect of the DNS protocol in RFC 5155 when RFC 9276 guidance is skipped allows remote attackers to cau...
EulerOS Virtualization 2.10.0 : ncurses (EulerOS-SA-2024-1988)
According to the versions of the ncurses packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : ncurses 6.4-20230610 has a NULL pointer dereference in tgetstr in tinfo/libtermcap.c.CVE-2023-45918 Tenable has extracted the...
EulerOS Virtualization 2.10.0 : libvirt (EulerOS-SA-2024-1997)
According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the...
EulerOS Virtualization 2.10.1 : python-cryptography (EulerOS-SA-2024-2008)
According to the versions of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing ...
EulerOS Virtualization 2.10.0 : grub2 (EulerOS-SA-2024-1983)
According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the grub2-set-bootflag utility of grub2. After the fix of CVE-2019-14865, grub2-set- bootflag will create a...
EulerOS Virtualization 2.10.1 : libvirt (EulerOS-SA-2024-2015)
According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the...
EulerOS Virtualization 2.10.0 : python-cryptography (EulerOS-SA-2024-1990)
According to the versions of the python-cryptography package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing ...
EulerOS Virtualization 2.10.1 : util-linux (EulerOS-SA-2024-2013)
According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : wall in util-linux through 2.40, often installed with setgid tty permissions, allows escape sequences to be sent to other users...
EulerOS Virtualization 2.10.0 : libuv (EulerOS-SA-2024-1986)
According to the versions of the libuv package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uvgetaddrinfo function in src/unix/getaddrinfo.c and...
EulerOS Virtualization 2.10.0 : expat (EulerOS-SA-2024-1982)
According to the versions of the expat package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libexpat through 2.5.0 allows recursive XML Entity Expansion if XMLDTD is undefined at compile time.CVE-2023-52426 Tenable has...
EulerOS Virtualization 2.10.1 : libtiff (EulerOS-SA-2024-2003)
According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libtiff 4.5.0 is vulnerable to Buffer Overflow in uvencode when libtiff reads a corrupted little-endian TIFF file and specifies the...
EulerOS Virtualization 2.10.0 : libtiff (EulerOS-SA-2024-1985)
According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : libtiff 4.5.0 is vulnerable to Buffer Overflow in uvencode when libtiff reads a corrupted little-endian TIFF file and specifies the...
EulerOS Virtualization 2.10.0 : python-pillow (EulerOS-SA-2024-1991)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different...
EulerOS Virtualization 2.10.1 : python-pillow (EulerOS-SA-2024-2009)
According to the versions of the python-pillow package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different...
Vulnerabilities fixed in Oracle Virtualization
Vulnerabilities have been fixed in Oracle Virtualization. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: Denial-of-Service DoS. Access to sensitive data Remote code execution User rights Oracle has made updates available to...
CVE-2024-21161
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 7.0.20. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...
CVE-2024-21161
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 7.0.20. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise...