Low: freerdp

Issue Overview: FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvcmain.c, drdynvcprocesscapabilityrequest that can result in The RDP server can read the client's memory.. This...

Medium: mod_auth_openidc

Issue Overview: A text injection flaw was found in how modauthopenidc handled error pages. An attacker could potentially use this flaw to conduct content spoofing and phishing attacks by tricking users into opening specially crafted URLs.CVE-2017-6059 It was found that modauthopenidc did not...

Medium: optipng

Issue Overview: The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory write and crash via a series of delta escapes in a crafted BMP image.CVE-2016-2191 Affected Packages: optipng Note: This advisory is applicab...

Medium: libssh2

Issue Overview: An out of bounds read flaw was discovered in libssh2 in the way SSHMSGCHANNELREQUEST packets with an exit status message and no payload are parsed. A remote attacker who compromises a SSH server may be able to cause a denial of service or read data in the client memory...

Medium: libX11

Issue Overview: An off-by-one error has been discovered in libX11 in functions XGetFontPath, XListExtensions, and XListFonts. An attacker who can either configure a malicious X server or modify the data coming from one could use this flaw to make the program crash or have other unspecified effect...

Medium: gnupg2

Issue Overview: The douncompress function in g10/compress.c allows context-dependent attackers to cause a denial of service infinite loop via malformed compressed packets, as demonstrated by an a3 01 5b ff byte sequence.CVE-2014-4617 Affected Packages: gnupg2 Note: This advisory is applicable to...

Medium: libvirt

Issue Overview: util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.CVE-2018-6764 Affected Packages: libvirt Note:...

Important: openslp

Issue Overview: A use-after-free flaw in OpenSLP 1.x and 2.x baselines was discovered in the ProcessSrvRqst function. A failure to update a local pointer may lead to heap corruption. A remote attacker may be able to leverage this flaw to gain remote code execution.CVE-2017-17833 Affected Packages...

Important: 389-ds-base

Issue Overview: It was found that 389-ds-base did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus...

Medium: ghostscript

Issue Overview: The settextdistance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service application crash or possibly have...

Low: zsh

Issue Overview: NULL dereference in cd in sh compatibility mode under given circumstances In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set. CVE-2017-18205 Null-pointer...

Important: dhcp

Issue Overview: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server An out-of-bound memory access flaw was found in the way dhclient processed a DHCP response packet. A malicious DHCP server could potentially use this flaw to crash dhclient processes running...

Low: libvpx

Issue Overview: Denial of service DoS in vpx/src/vpximage.c file A vulnerability in the Android media framework libvpx related to odd frame width CVE-2017-13194 Affected Packages: libvpx Issue Correction: Run yum update libvpx or yum update --advisory ALAS-2018-967 to update your system. New...

Medium: systemd

Issue Overview: Access to automounted volumes can lock up A race condition was found in systemd. This could result in automount requests not being serviced and processes using them could hang, causing denial of service.CVE-2018-1049 Affected Packages: systemd Note: This advisory is applicable to...

Medium: nautilus

Issue Overview: Insufficient validation of trust of .desktop files with execute permission An untrusted .desktop file with executable permission set could choose its displayed name and icon, and execute commands without warning when opened by the user. An attacker could use this flaw to trick a...

Medium: postgresql92

Issue Overview: Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service crash by closing an SSL session at a time when the authentication timeout will expire...

Medium: python-oauth2

Issue Overview: The Server.verifyrequest function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL. The 1 makenonce, 2 generatenonce, and 3 generateverifier functions in SimpleGeo python-oauth2 uses weak random numbers t...

Important: mod_wsgi

Issue Overview: It was found that modwsgi did not properly drop privileges if the call to setuid failed. If modwsgi was set up to allow unprivileged users to run WSGI applications, a local user able to run a WSGI application could possibly use this flaw to escalate their privileges on the system...

Low: readline

Issue Overview: The rltropen function in util.c in GNU readline before 6.3 patch 3 allows local users to create or overwrite arbitrary files via a symlink attack on a /var/tmp/rltrace.PID file. Affected Packages: readline Issue Correction: Run yum update readline or yum update --advisory...

Low: socat

Issue Overview: Stack-based buffer overflow in socat 1.3.0.0 through 1.7.2.2 and 2.0.0-b1 through 2.0.0-b6 allows local users to cause a denial of service segmentation fault via a long server name in the PROXY-CONNECT address in the command line. Affected Packages: socat Issue Correction: Run yum...

Medium: ganglia

Issue Overview: Cross-site scripting XSS vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the hostregex parameter to the default URI, which is processed by getcontext.php. Affected Packages: ganglia Issue Correction: Ru...

Medium: scipy

Issue Overview: scipy: weave /tmp and current directory issues CVE-2013-4251 Affected Packages: scipy Issue Correction: Run yum update scipy or yum update --advisory ALAS-2013-242 to update your system. New Packages: i686: scipy-0.12.1-1.7.amzn1.i686 scipy-debuginfo-0.12.1-1.7.amzn1.i686...

Low: php-pecl-apc

Issue Overview: A cross-site scripting XSS flaw was found in the "apc.php" script, which provides a detailed analysis of the internal workings of APC and is shipped as part of the APC extension documentation. A remote attacker could possibly use this flaw to conduct a cross-site scripting attack...

Medium: nagios

Issue Overview: Multiple cross-site scripting XSS vulnerabilities in config.c in config.cgi in 1 Nagios 3.2.3 and 2 Icinga before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the expand parameter, as demonstrated by an a command action or a b hosts action. Affected...

Medium: perl-FCGI

Issue Overview: The FCGI aka Fast CGI module 0.70 through 0.73 for Perl, as used by CGI::Fast, uses environment variable values from one request during processing of a later request, which allows remote attackers to bypass authentication via crafted HTTP headers. Affected Packages: perl-FCGI Issu...

Important: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Important: freetype

Issue Overview: FreeType 2.8.1 has a signed integer overflow in cf2doFlex in cff/cf2intrp.c. CVE-2025-23022 An out of bounds write exists in FreeType versions 2.13.0 and below when attempting to parse font subglyph structures related to TrueType GX and variable font files. The vulnerable code...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in smb2reconnectserver CVE-2024-35870 In the Linux kernel, the following vulnerability has been resolved: ext4: fix timer use-after-free on failed mount CVE-2024-49960 In the Linux kernel, the...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string buffer overrun CVE-2024-49995 In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access CVE-2024-50035 In the Linux kernel, the following...

Important: postgresql

Issue Overview: Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables e.g. PATH. That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system...

Medium: edk2

Issue Overview: Issue summary: A timing side-channel which could potentially allow recovering the private key exists in the ECDSA signature computation. Impact summary: A timing side-channel in ECDSA signature computations could allow recovering the private key by an attacker. However, measuring...

Low: gdb

Issue Overview: GNU gdb GDB 13.0.50.20220805-git was discovered to contain a stack overflow via the function adadecode at /gdb/ada-lang.c. CVE-2023-39128 GNU gdb GDB 13.0.50.20220805-git was discovered to contain a heap use after free via the function addpeexportedsym at /gdb/coff-pe-read.c...

Medium: python-pip

Issue Overview: python-idna: potential DoS via resource consumption via specially crafted inputs to idna.encode CVE-2024-3651 Affected Packages: python-pip Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2...

Important: python-setuptools

Issue Overview: A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptibl...

Medium: openssl11

Issue Overview: openssl: Use After Free with SSLfreebuffers CVE-2024-4741 Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix use-after-free of timer for log writer thread CVE-2024-38583 In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete CVE-2024-39480 Affected...

Important: emacs

Issue Overview: In Emacs before 29.3, Gnus treats inline MIME contents as trusted. CVE-2024-30203 In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. CVE-2024-30204 In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode...

Medium: krb5

Issue Overview: krb5: GSS message token handling CVE-2024-37370 In MIT Kerberos 5 aka krb5 before 1.21.3, an attacker can cause invalid memory reads during GSS message token handling by sending message tokens with invalid length fields. CVE-2024-37371 Affected Packages: krb5 Note: This advisory i...

Medium: edk2

Issue Overview: Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected applicati...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown CVE-2021-47110 Affected Packages: kernel Issue Correction: Run yum update kernel or yum update --advisory ALAS-2024-1943 to update your system. New Packages: i686:...

Medium: dnsmasq

Issue Overview: dnsmasq 2.9 is vulnerable to Integer Overflow via forwardquery. CVE-2023-49441 Affected Packages: dnsmasq Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction...

Low: ImageMagick

Issue Overview: A flaw was found in ImageMagick, where a division by zero in WaveImage of MagickCore/visual-effects.c may trigger undefined behavior via a crafted image file submitted to an application using ImageMagick. The highest threat from this vulnerability is to system availability...

Important: qt5-qtbase

Issue Overview: Potential buffer overflow issue in QXmlStreamReader. When given specifically crafted data then QXmlStreamReader can end up causing a buffer overflow and subsequently a crash. CVE-2023-37369 Affected Packages: qt5-qtbase Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Important: tomcat

Issue Overview: Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through...

Important: tigervnc

Issue Overview: A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a clie...

Important: nss-util

Issue Overview: Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8. CVE-2019-11729 A heap-based buffer overflow was...

Important: perl-Spreadsheet-ParseExcel

Issue Overview: Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution ACE vulnerability due to passing unvalidated input from a file into a string-type "eval". Specifically, the issue stems from the...

Important: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1...

Important: libxml2

Issue Overview: libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor's position is "I don't think these issues are critical enough to warrant a CVE ID ... because an attacker typically can...

Critical: squid

Issue Overview: Due to a buffer overflow bug Squid is vulnerable to a Denial of Service attack against HTTP Digest Authentication CVE-2023-46847 Affected Packages: squid Issue Correction: Run yum update squid or yum update --advisory ALAS-2023-1872 to update your system. New Packages: i686: ...