8699 matches found
Medium: thunderbird
Issue Overview: A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above CVE-2023-6349 Affected Packages: thunderbird Note:...
Medium: ghostscript
Issue Overview: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc. CVE-2024-29508 Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitra...
Low: protobuf-c
Issue Overview: Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parsetagandwiretype in protobuf-c/protobuf-c.c. This vulnerability allows attackers to cause a Denial of Service DoS via unspecified vectors. CVE-2022-33070 Affected Packages: protobuf-c Note:...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer CVE-2022-48627 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-526...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: vt: fix memory overlapping when deleting chars in the buffer CVE-2022-48627 In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: disallow timeout for anonymous sets CVE-2023-526...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlanroutev6outbound helper CVE-2023-52796 In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries CVE-2023-52803 In the Linux...
Important: httpd
Issue Overview: A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosu...
Important: httpd
Issue Overview: A partial fix for CVE-2024-39884 in the core of Apache HTTP Server 2.4.61 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosu...
Low: openssl11
Issue Overview: No CVE associated with this advisory Affected Packages: openssl11 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update openssl11 to update you...
Medium: nerdctl
Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...
Medium: thunderbird
Issue Overview: A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx. We recommend upgrading to version 1.13.1 or above CVE-2023-6349 Affected Packages: thunderbird Note:...
Medium: vte291
Issue Overview: GNOME VTE before 0.76.3 allows an attacker to cause a denial of service memory consumption via a window resize escape sequence, a related issue to CVE-2000-0476. CVE-2024-37535 Affected Packages: vte291 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit...
Medium: ghostscript
Issue Overview: Artifex Ghostscript before 10.03.0 has a heap-based pointer disclosure observable in a constructed BaseFont name in the function pdfbasefontalloc. CVE-2024-29508 Artifex Ghostscript before 10.03.1, when Tesseract is used for OCR, has a directory traversal issue that allows arbitra...
Important: gtk2
Issue Overview: gtk3: gtk2: Library injection from CWD CVE-2024-6655 Affected Packages: gtk2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update gtk2 or yum...
Medium: squid
Issue Overview: Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This error can lead to a Denial of Service attack. CVE-2024-37894 Affected Packages: squ...
Low: openssl11
Issue Overview: No CVE associated with this advisory Affected Packages: openssl11 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update openssl11 or yum update...
Important: gtk2
Issue Overview: gtk3: gtk2: Library injection from CWD CVE-2024-6655 Affected Packages: gtk2 Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run yum update gtk2 to upda...
Important: bind
Issue Overview: Resolver caches and authoritative zone databases that hold significant numbers of RRs for the same hostname of any RTYPE can suffer from degraded performance as content is being added or updated, and also when handling client queries for this name. This issue affects BIND 9 versio...
Important: emacs
Issue Overview: In Emacs before 29.3, Gnus treats inline MIME contents as trusted. CVE-2024-30203 In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. CVE-2024-30204 In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode...
Low: ca-certificates
Issue Overview: Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.05.30 and prior to 2024.07.4 recognized root certificates from GLOBALTRUST. Certifi 2024.07.04 removes ro...
Medium: openssl
Issue Overview: Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected applicati...
Important: docker
Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...
Important: docker
Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...
Important: docker
Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...
Important: docker
Issue Overview: The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set...
Important: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ubi: Fix race condition between ctrlcdevioctl and ubicdevioctl CVE-2021-47634 In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges""...
Important: httpd24
Issue Overview: Substitution encoding issue in modrewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are...
Important: gstreamer-plugins-base
Issue Overview: GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack...
Medium: edk2
Issue Overview: Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected applicati...
Medium: golang
Issue Overview: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the...
Medium: golang
Issue Overview: The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational 200 or higher status. This mishandling could leave a client connection in an invalid state, where the next request sent on the...
Important: emacs
Issue Overview: In Emacs before 29.3, Gnus treats inline MIME contents as trusted. CVE-2024-30203 In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. CVE-2024-30204 In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode...
Important: python-werkzeug
Issue Overview: Werkzeug is a comprehensive WSGI web application library. The debugger in affected versions of Werkzeug can allow an attacker to execute code on a developer's machine under some circumstances. This requires the attacker to get the developer to interact with a domain and subdomain...
Medium: python3.11-setuptools
Issue Overview: A Denial of Service DoS vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as...
Important: java-21-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.1...
Important: ghostscript
Issue Overview: NOTE: https://ghostscript.readthedocs.io/en/gs10.03.1/News.html NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=3b1735085ecef20b29e8db3416ab36de93e86d1f ghostpdl-10.03.1 NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707662 ADVISORIES: 'DSA-5692-1'...
Important: composer
Issue Overview: Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the composer install command running inside a git/hg repository which has specially crafted branch names can lead to command injection. This requires cloning untrusted repositories...
Medium: wget
Issue Overview: url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent. CVE-2024-38428 Affected...
Medium: nano
Issue Overview: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 Affected Packages: nano Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for...
Important: openssh
Issue Overview: A signal handler race condition vulnerability was found in OpenSSH's server sshd, where a client does not authenticate within LoginGraceTime seconds 120 by default, 600 in old OpenSSH versions, then sshd's SIGALRM handler is called asynchronously. However, this signal handler call...
Important: gstreamer1-plugins-base
Issue Overview: GStreamer EXIF Metadata Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack...
Important: ghostscript
Issue Overview: NOTE: https://ghostscript.readthedocs.io/en/gs10.03.1/News.html NOTE: https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=3b1735085ecef20b29e8db3416ab36de93e86d1f ghostpdl-10.03.1 NOTE: https://bugs.ghostscript.com/showbug.cgi?id=707662 ADVISORIES: 'DSA-5692-1'...
Medium: wireshark
Issue Overview: Memory handling issue in editcap could cause denial of service via crafted capture file CVE-2024-4853 MONGO and ZigBee TLV dissector infinite loops in Wireshark 4.2.0 to 4.2.4, 4.0.0 to 4.0.14, and 3.6.0 to 3.6.22 allow denial of service via packet injection or crafted capture fil...
Medium: wireshark
Issue Overview: Infinite loop in the F5 Ethernet Trailer protocol dissector in Wireshark 3.6.0 to 3.6.7 and 3.4.0 to 3.4.15 allows denial of service via packet injection or crafted capture file CVE-2022-3190 Memory handling issue in editcap could cause denial of service via crafted capture file...
Important: java-11-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.1...
Important: java-11-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.1...
Important: java-1.8.0-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.1...
Medium: ecs-init
Issue Overview: An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed...
Important: audiofile
Issue Overview: Buffer overflow in the afReadFrames function in audiofile aka libaudiofile and Audio File Library allows user-assisted remote attackers to cause a denial of service program crash or possibly execute arbitrary code via a crafted audio file, as demonstrated by...
Medium: nano
Issue Overview: nano: running chmod and chown on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file CVE-2024-5742 Affected Packages: nano Issue Correction: Run dnf update nano --releasever 2023.5.20240722 or dnf update --advisory...