8699 matches found
Low: curl
Issue Overview: libcurl's implementation of the printf functions triggers a buffer overflow when doing a large floating point output. If there are any application that accepts a format string from the outside without necessary input filtering, it could allow remote attacks. This flaw does not exi...
Important: python-crypto
Issue Overview: A heap-buffer overflow vulnerability was discovered in cryptopp. This vulnerability can be used to remotely gain access to shell. Affected Packages: python-crypto Issue Correction: Run yum update python-crypto or yum update --advisory ALAS-2017-801 to update your system.Run yum...
Low: glibc
Issue Overview: A stack overflow vulnerability was found in nssdnsgetnetbynamer. On systems with nsswitch configured to include "networks: dns" with a privileged or network-facing service that would attempt to resolve user-provided network names, an attacker could provide an excessively long...
Medium: php-ZendFramework
Issue Overview: The implementation of ORDER BY and GROUP BY in ZendDbSelect was discovered to be vulnerable to SQL injection. Affected Packages: php-ZendFramework Issue Correction: Run yum update php-ZendFramework or yum update --advisory ALAS-2016-767 to update your system. New Packages: noarch:...
Important: lighttpd
Issue Overview: It was discovered that lighttpd class did not properly protect against the HTTPPROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP reques...
Medium: jq
Issue Overview: A heap-based buffer overflow flaw was found in the tokenadd function. By tricking a victim into processing a specially crafted JSON file, an attacker could use this flaw to crash jq or, potentially, execute arbitrary code on the victim's system. CVE-2015-8863 Affected Packages: jq...
Important: postgresql94, postgresql93, postgresql92
Issue Overview: An integer overflow flaw, leading to a heap-based buffer overflow, was found in the PostgreSQL handling code for regular expressions. A remote attacker could use a specially crafted regular expression to cause PostgreSQL to crash or possibly execute arbitrary code. Affected...
Medium: net-snmp
Issue Overview: It was discovered that the snmppduparse function could leave incompletely parsed varBind variables in the list of variables. A remote, unauthenticated attacker could use this flaw to crash snmpd or, potentially, execute arbitrary code on the system with the privileges of the user...
Critical: openssl
Issue Overview: During certificate verfification, OpenSSL starting from version 1.0.1n and 1.0.2b will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain chec...
Medium: php-ZendFramework
Issue Overview: Upstream reported http://framework.zend.com/security/advisory/ZF2015-04 a vulnerability in the Zend\Mail component in Zend Framework 2, specifically in how it handles headers. Headers are not correctly filtered for newlines, allowing the ability to send additional, unrelated heade...
Medium: mod_dav_svn, subversion
Issue Overview: A NULL pointer dereference flaw was found in the way the moddavsvn module handled certain requests for URIs that trigger a lookup of a virtual transaction name. A remote, unauthenticated attacker could send a request for a virtual transaction name that does not exist, causing...
Medium: ruby22
Issue Overview: As discussed in an upstream announcement https://www.ruby-lang.org/en/news/2015/04/13/ruby-openssl-hostname-matching-vulnerability/, Ruby's OpenSSL extension suffers a vulnerability through overly permissive matching of hostnames, which can lead to similar bugs such as...
Critical: docker
Issue Overview: Docker versions 1.3.0 through 1.3.1 allowed security options to be applied to images, allowing images to modify the default run profile of containers executing these images. This vulnerability could allow a malicious image creator to loosen the restrictions applied to a container'...
Medium: rsyslog
Issue Overview: A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations, a local attacker, or a remote attacker able to connect to the rsyslog port, could use this flaw to crash the rsyslog daemon. CVE-2014-3634 Affected Packages: rsyslog Issue...
Medium: glibc
Issue Overview: A directory traveral flaw was found in the way glibc loaded locale files. An attacker able to make an application use a specially crafted locale name value for example, specified in an LC environment variable could possibly use this flaw to execute arbitrary code with the privileg...
Medium: libXext
Issue Overview: Multiple integer overflows in X.org libXext 1.3.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the 1 XcupGetReservedColormapEntries, 2 XcupStoreColors, 3 XdbeGetVisualInfo, 4 XeviGetVisualInfo, 5...
Important: gnutls
Issue Overview: A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using...
Medium: cacti
Issue Overview: Cross-site request forgery CSRF vulnerability in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to hijack the authentication of users for unspecified commands, as demonstrated by requests that 1 modify binary files, 2 modify configurations, or 3 add arbitrary users...
Low: libxml2
Issue Overview: parser.c in libxml2 before 2.9.0, as used in Google Chrome before 28.0.1500.71 and other products, allows remote attackers to cause a denial of service out-of-bounds read via a document that ends abruptly, related to the lack of certain checks for the XMLPARSEREOF state. Affected...
Medium: subversion
Issue Overview: A flaw was found in the way the moddavsvn module handled OPTIONS requests. A remote attacker with read access to an SVN repository served via HTTP could use this flaw to cause the httpd process that handled such a request to crash. The getresource function in repos.c in the...
Important: xorg-x11-server
Issue Overview: An integer overflow, which led to a heap-based buffer overflow, was found in the way X.Org server handled trapezoids. A malicious, authorized client could use this flaw to crash the X.Org server or, potentially, execute arbitrary code with root privileges. CVE-2013-6424 Affected...
Critical: ruby19
Issue Overview: Heap-based buffer overflow in Ruby 1.8, 1.9 before 1.9.3-p484, 2.0 before 2.0.0-p353, 2.1 before 2.1.0 preview2, and trunk before revision 43780 allows context-dependent attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a string that...
Low: mysql51
Issue Overview: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.70 and earlier, 5.5.32 and earlier, and 5.6.12 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer. Affected Packages: mysql51 Issue Correction: Ru...
Important: mod_fcgid
Issue Overview: Heap-based buffer overflow in the fcgidheaderbucketread function in fcgidbucket.c in the modfcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors. Affected Packages: modfcgid Issue Correction: Run yum update...
Medium: subversion
Issue Overview: The moddavsvn Apache HTTPD server module in Subversion 1.7.0 through 1.7.10 and 1.8.x before 1.8.1 allows remote authenticated users to cause a denial of service assertion failure or out-of-bounds read via a certain 1 COPY, 2 DELETE, or 3 MOVE request against a revision root...
Medium: fail2ban
Issue Overview: The apache-auth.conf, apache-nohome.conf, apache-noscript.conf, and apache-overflows.conf files in Fail2ban before 0.8.10 do not properly validate log messages, which allows remote attackers to block arbitrary IP addresses via certain messages in a request. Affected Packages:...
Critical: php
Issue Overview: A buffer overflow flaw was found in the way PHP parsed deeply nested XML documents. If a PHP application used the xmlparseintostruct function to parse untrusted XML content, an attacker able to supply specially-crafted XML could use this flaw to crash the application or, possibly,...
Low: tomcat7
Issue Overview: java/org/apache/catalina/core/AsyncContextImpl.java in Apache Tomcat 7.x before 7.0.40 does not properly handle the throwing of a RuntimeException in an AsyncListener in an application, which allows context-dependent attackers to obtain sensitive request information intended for...
Medium: puppet
Issue Overview: The 1 template and 2 inlinetemplate functions in the master server in Puppet before 2.6.18, 2.7.x before 2.7.21, and 3.1.x before 3.1.1, and Puppet Enterprise before 1.2.7 and 2.7.x before 2.7.2 allows remote authenticated users to execute arbitrary code via a crafted catalog...
Important: java-1.7.0-openjdk
Issue Overview: Multiple improper permission check issues were discovered in the JMX and Libraries components in OpenJDK. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions. CVE-2013-1486, CVE-2013-1484 An improper permission check issue was discover...
Medium: libexif
Issue Overview: Multiple flaws were found in the way libexif processed Exif tags. An attacker could create a specially-crafted image file that, when opened in an application linked against libexif, could cause the application to crash or, potentially, execute arbitrary code with the privileges of...
Low: php
Issue Overview: Unspecified vulnerability in the phpstreamscandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow." Affected Packages: php Issue Correction: Run yum update php or yum update...
Medium: python27
Issue Overview: SimpleXMLRPCServer.py in SimpleXMLRPCServer in Python before 2.6.8, 2.7.x before 2.7.3, 3.x before 3.1.5, and 3.2.x before 3.2.3 allows remote attackers to cause a denial of service infinite loop and CPU consumption via an XML-RPC POST request that contains a smaller amount of dat...
Medium: openssl
Issue Overview: It was discovered that the Datagram Transport Layer Security DTLS protocol implementation in OpenSSL leaked timing information when performing certain operations. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a DTLS serve...
Important: libxml2
Issue Overview: A heap-based buffer overflow flaw was found in the way libxml2 decoded entity references with long names. A remote attacker could provide a specially-crafted XML file that, when opened in an application linked against libxml2, would cause the application to crash or, potentially,...
Important: freetype
Issue Overview: Multiple input validation flaws were found in the way FreeType processed bitmap font files. If a specially-crafted font file was loaded by an application linked against FreeType, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of...
Medium: libvirt
Issue Overview: An off-by-one error flaw was found in the udevListInterfacesByStatus function in libvirt when the number of interfaces exceeds the size of the names array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to...
Important: tomcat
Issue Overview: Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header...
Medium: wpa_supplicant
Issue Overview: wpasupplicant: potential authorization bypass CVE-2023-52160 Affected Packages: wpasupplicant Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum...
Important: cpio
Issue Overview: cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive. CVE-2015-1197 Affected Packages: cpio Issue Correction: Run yum update cpio or yum update --advisory ALAS-2024-1925 to update your...
Medium: vim
Issue Overview: Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a :s command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive :s call causes free-ing of memory...
Important: webkitgtk4
Issue Overview: The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service. CVE-2023-42883 The issue was addresse...
Medium: samba
Issue Overview: When doing NTLM authentication, the client sends replies to cryptographic challenges back to the server. These replies have variable length. Winbind did not properly bounds-check the lan manager response length, which despite the lan manager version no longer being used is still...
Medium: kernel
Issue Overview: A flaw in the kernel Xen event handler can cause a deadlock with Xen console handling in unprivileged Xen guests. CVE-2023-34324 A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer skb was assumed to be associated with a device before callin...
Important: exim
Issue Overview: Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1470/ CVE-2023-42116 Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability NOTE:...
Medium: ghostscript
Issue Overview: A buffer overflow vulnerability in epscprintpage in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. CVE-2020-16294 A divide by zero issue discovered in epsprintpage in...
Medium: libtiff
Issue Overview: LibTIFF 4.4.0 has an out-of-bounds read in tiffcrop in tools/tiffcrop.c:3488, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit afaabc3e. CVE-2023-0795 LibTIFF 4.4.0 has an...
Important: libssh2
Issue Overview: An issue was discovered in function libssh2packetadd in libssh2 1.10.0 allows attackers to access out of bounds memory. CVE-2020-22218 Affected Packages: libssh2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference...
Medium: hwloc
Issue Overview: An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c. CVE-2022-47022 Affected Packages: hwloc Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit...
Important: java-1.8.0-openjdk
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficul...