Medium: cups

Issue Overview: A vulnerability was found in OpenPrinting CUPS. The security flaw occurs due to failure in validating the length provided by an attacker-crafted CUPS document, possibly leading to a heap-based buffer overflow and code execution. CVE-2023-4504 Affected Packages: cups Note: This...

Medium: poppler

Issue Overview: Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input. CVE-2020-23804 Affected Packages: poppler Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for th...

Medium: libtiff

Issue Overview: libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage in tiffcrop cause heap-buffer-overflow and SEGV. CVE-2023-25433 A vulnerability was found in libtiff library. This security flaw causes a heap...

Medium: ghostscript

Issue Overview: A buffer overflow vulnerability in pcxwriterle in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. CVE-2020-16305 Affected Packages: ghostscript Note: This advisor...

Medium: cups

Issue Overview: An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.7, macOS Monterey 12.6.6, macOS Ventura 13.4. An unauthenticated user may be able to access recently printed documents. CVE-2023-32360 Affected Packages: cups Note: This...

Medium: openldap

Issue Overview: A vulnerability was found in openldap that can cause a null pointer dereference in the bermemallocx function. CVE-2023-2953 Affected Packages: openldap Issue Correction: Run yum update openldap or yum update --advisory ALAS-2023-1804 to update your system. New Packages: i686: ...

Medium: mc

Issue Overview: An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity. CVE-2021-36370 Affected...

Medium: libtiff

Issue Overview: A NULL pointer dereference in TIFFClose is caused by a failure to open an output file non-existent path or a path that requires permissions like /dev/null while specifying zones. CVE-2023-3316 Affected Packages: libtiff Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Medium: ImageMagick

Issue Overview: The upstream bug report describes this issue as follows: "A vulnerability was found in ImageMagick =7.1.1, where heap-based buffer overflow was found in coders/tiff.c." CVE-2023-3428 Affected Packages: ImageMagick Note: This advisory is applicable to Amazon Linux 2 AL2 Core...

Medium: busybox

Issue Overview: A use-after-free in Busybox 1.35-x's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the copyvar function. CVE-2022-30065 Affected Packages: busybox Issue Correction: Run yum update busybox or yum update --advisory...

Important: squid

Issue Overview: An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When receiving data from a remote server in response to an URN request, Squid fails to ensure that the response can fit within the buffer. This leads to attacker...

Important: jettison

Issue Overview: Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks DOS. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by Out of memory. This effect may support a denial of servic...

Medium: mod24_auth_mellon

Issue Overview: A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. T...

Important: nasm

Issue Overview: NASM v2.16 was discovered to contain a heap buffer overflow in the component quoteforpmake asm/nasm.c:856 CVE-2022-44370 Affected Packages: nasm Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and...

Important: tar

Issue Overview: GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in fromheader in list.c via a V7 archive in which mtime has approximate...

Important: cifs-utils

Issue Overview: A stack-based buffer overflow issue was found in pifs-utils. Parsing the mount.cifs ip command-line argument can lead to local attackers gaining root privileges. CVE-2022-27239 Affected Packages: cifs-utils Issue Correction: Run yum update cifs-utils or yum update --advisory...

Important: libconfuse

Issue Overview: cfgtildeexpand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. CVE-2022-40320 Affected Packages: libconfuse Issue Correction: Run yum update libconfuse or yum update --advisory ALAS-2023-1692 to update your system. New Packages: i686: ...

Medium: spice-protocol

Issue Overview: Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code. CVE-2018-10893 Affected Packages: spice-protocol Issue Correction: R...

Medium: libgovirt

Issue Overview: Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code. CVE-2018-10893 Affected Packages: libgovirt Issue Correction: Run yu...

Medium: apr-util

Issue Overview: 2023-05-23: The severity level was changed from Critical to Medium. Integer Overflow or Wraparound vulnerability in aprbase64 functions of Apache Portable Runtime Utility APR-util allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime...

Low: udisks2

Issue Overview: A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability. CVE-2021-3802 Affected Packages: udisks2 Note: This advisory is applicable to...

Medium: ncurses

Issue Overview: The ncurses package tic is susceptible to a heap overflow on crafted input. When the terminfo entry-description compiler processes input, proper bounds checking was not enforced leading to this software flaw. The highest threat from this vulnerability is system availability...

Important: device-mapper-multipath

Issue Overview: multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to loc...

Medium: util-linux

Issue Overview: A command injection flaw was found in the way util-linux implements umount autocompletion in Bash. An attacker with the ability to mount a filesystem with custom mount points may execute arbitrary commands on behalf of the user who triggers the umount autocompletion. CVE-2018-7738...

Important: rubygem-nokogiri, rubygem18-nokogiri

Issue Overview: Nokogiri is an open source XML and HTML library for Ruby. Nokogiri = 1.13.4. There are no known workarounds for this issue. CVE-2022-24836 Affected Packages: rubygem-nokogiri, rubygem18-nokogiri Issue Correction: Run yum update rubygem-nokogiri or yum update --advisory...

Medium: linuxptp

Issue Overview: A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker could send a crafted one-step sync message to cause an information leak or crash. The highest threat from this...

Important: lasso

Issue Overview: An XML Signature Wrapping XSW vulnerability was found in Lasso. This flaw allows an attacker to modify a valid SAML response to include an unsigned SAML assertion, which may be used to impersonate another valid user recognized by the service using Lasso. The highest threat from th...

Important: xorg-x11-server

Issue Overview: A flaw was found in xorg-x11-server. An interger underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2021-3472 Affected Packages:...

Important: dovecot

Issue Overview: In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled. A flaw was found in dovecot. An attacker can use the way dovecot handles RPA Remote Passphrase Authentication to crash the authentication proce...

Medium: libvirt

Issue Overview: A NULL pointer dereference flaw was discovered in libvirt in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service. CVE-2019-3840 Affected Packages: libvirt Note: This advisory is...

Medium: spice-gtk

Issue Overview: Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code. CVE-2018-10893 Affected Packages: spice-gtk Note: This advisory is...

Medium: glusterfs

Issue Overview: A flaw was found in dict.c:dictunserialize function of glusterfs, dicunserialize function does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value.CVE-2018-10911 Affected Packages: glusterfs Note: Th...

Important: xmlrpc

Issue Overview: A flaw was discovered in the Apache XML-RPC ws-xmlrpc library that deserializes untrusted data when enabledForExtensions setting is enabled. A remote attacker could use this vulnerability to execute arbitrary code via a crafted serialized Java object in a element.CVE-2016-5003...

Medium: python-crypto

Issue Overview: Weak ElGamal key parameters in PublicKey/ElGamal.py allow attackers to obtain sensitive information by reading ciphertext: lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by...

Medium: curl

Issue Overview: FTP PWD response parser out of bounds read libcurl may read outside of a heap allocated buffer when doing FTP. When libcurl connects to an FTP server and successfully logs in anonymous or not, it asks the server for the current directory with the PWD command. The server then...

Low: gpgme

Issue Overview: Multiple heap-based buffer overflows in the statushandler function in 1 engine-gpgsm.c and 2 engine-uiserver.c in GPGME before 1.5.1 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via vectors related to "different line lengths in a...

Medium: munin

Issue Overview: The getgrouptree function in lib/Munin/Master/HTMLConfig.pm in Munin before 2.0.18 allows remote nodes to cause a denial of service infinite loop and memory consumption in the munin-html process via crafted multigraph data. Munin::Master::Node in Munin before 2.0.18 allows remote...

Medium: libgcrypt

Issue Overview: GnuPG before 1.4.14, and Libgcrypt before 1.5.3 as used in GnuPG 2.0.x and possibly other products, allows local users to obtain private RSA keys via a cache side-channel attack involving the L3 cache, aka Flush+Reload. Affected Packages: libgcrypt Issue Correction: Run yum update...

Medium: net-snmp

Issue Overview: An array index error, leading to an out-of-bounds buffer read flaw, was found in the way the net-snmp agent looked up entries in the extension table. A remote attacker with read privileges to a Management Information Base MIB subtree handled by the "extend" directive in...

Low: quagga

Issue Overview: The bgpcapabilityorf function in bgpd in Quagga 0.99.20.1 and earlier allows remote attackers to cause a denial of service assertion failure and daemon exit by leveraging a BGP peering relationship and sending a malformed Outbound Route Filtering ORF capability TLV in an OPEN...

Medium: openswan

Issue Overview: A use-after-free flaw was found in the way Openswan's pluto IKE daemon used cryptographic helpers. A remote, authenticated attacker could send a specially-crafted IKE packet that would crash the pluto daemon. This issue only affected SMP symmetric multiprocessing systems that have...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: fix ofiomap memory leak CVE-2023-53424 In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: Add missing lock in cfg80211checkandendcac CVE-2025-38643 In the Linux...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clean up repair bio if submit fails CVE-2022-49168 In the Linux kernel, the following vulnerability has been resolved: bfq: Update cgroup information before merging bio CVE-2022-49413 In the Linux...

Important: kernel

Issue Overview: A use-after-free flaw was found in btrfssearchslot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea CVE-2023-1611 nftables out-of-bounds read in nfosfmatchone CVE-2023-39189 In the Linux...

Important: bind

Issue Overview: It is possible to construct a zone such that some queries to it will generate responses containing numerous records in the Additional section. An attacker sending many such queries can cause either the authoritative server itself or an independent resolver to use disproportionate...

Medium: git

Issue Overview: Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full access to internals. When Git asks for credentials via a terminal prompt i.e. without using any credential helper, it prints out the ho...

Medium: python-urllib3

Issue Overview: urllib3 is a user-friendly HTTP client library for Python. When using urllib3's proxy support with ProxyManager, the Proxy-Authorization header is only sent to the configured proxy, as expected. However, when sending HTTP requests without using urllib3's proxy support, it's possib...

Important: microcode_ctl

Issue Overview: Improper isolation in some IntelR Processors stream cache mechanism may allow an authenticated user to potentially enable escalation of privilege via local access. CVE-2023-49141 Insufficient control flow management for some IntelR Xeon Processors may allow an authenticated user t...

Medium: squid

Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack. CVE-2024-37894 Affected Packages: squ...

Important: audiofile

Issue Overview: Buffer overflow in the afReadFrames function in audiofile aka libaudiofile and Audio File Library allows user-assisted remote attackers to cause a denial of service program crash or possibly execute arbitrary code via a crafted audio file, as demonstrated by...