502 matches found
Fix of CVE: CVE-2017-15022, CVE-2017-9742, CVE-2017-9749, CVE-2017-14940, CVE-2017-15225, CVE-2017-9753, CVE-2017-14130, CVE-2017-14333, CVE-2017-8421, CVE-2017-8398, CVE-2017-12448, CVE-2017-16826, CVE-2017-15938, CVE-2017-16831, CVE-2017-9744, CVE-2017-12455, CVE-2017-15996, CVE-2017-8396, CVE-2017-12451, CVE-2017-7614, CVE-2017-12452, CVE-2017-9748, CVE-2017-7225, CVE-2017-7302, CVE-2017-12449, CVE-2017-12458, CVE-2017-16827, CVE-2017-15939, CVE-2017-7227, CVE-2017-7226, CVE-2017-16828, CVE-2017-17121, CVE-2017-12453, CVE-2017-17080, CVE-2017-17124, CVE-2017-7223, CVE-2017-9747, CVE-2017-12457, CVE-2017-12456, CVE-2017-7299, CVE-2017-7300, CVE-2017-9754, CVE-2017-13710, CVE-2017-12450, CVE-2017-7301, CVE-2017-8394, CVE-2017-12454, CVE-2017-14932, CVE-2017-15020, CVE-2017-17123, CVE-2017-12459, CVE-2017-7224, CVE-2017-17125, CVE-2017-12799, CVE-2017-8393, CVE-2017-14938
CVE-2017-7223: Fix global buffer overflow of size 1 - CVE-2017-7224: Fix invalid write of size 1 while disassembling - CVE-2017-7225: Fix NULL pointer dereference and an invalid write - CVE-2017-7226: Fix heap-based buffer over-read of size 4049 - CVE-2017-7227: Fix heap-based buffer overflow -...
Fix of CVE: CVE-2021-27212
CVE-2021-27212: fix DoS via malicious packet...
Fix of CVE: CVE-2021-3928, CVE-2021-3927
CVE-2021-3927: fix heap-based buffer overflow when reading character past end of line - CVE-2021-3928: fix stack-based buffer overflow when reading uninitialized memory when giving spell suggestions...
Fix of CVE: CVE-2021-21704, CVE-2021-21703, CVE-2021-21705
CVE-2021-21704: fix integer overflow and subsequent incorrect buffer allocation - CVE-2021-21705: fix incorrect url password validation - CVE-2021-21703: fix incorrect shared memory management, which led to priv escalation...
Fix of CVE: CVE-2021-3903, CVE-2021-3875, CVE-2021-3872
CVE-2021-3872: fix illegal memory access if buffer name is very long - CVE-2021-3875: fix mlget error after search with range - CVE-2021-3903: fix invalid memory access when scrolling without a valid screen...
Fix of CVE: CVE-2021-3326, CVE-2021-43396
CVE-2021-3326: avoid denial of service due to a failed assertion - CVE-2021-43396: check actual stored character in state reset code...
Fix of CVE: CVE-2021-25219
CVE-2021-25219: Fix resolver performance degradation via lame cache abuse...
Fix of CVE: CVE-2021-21705, CVE-2021-21704, CVE-2021-21703
CVE-2021-21704: fix integer overflow and subsequent incorrect buffer allocation - CVE-2021-21705: fix incorrect url password validation - CVE-2021-21703: fix incorrect shared memory management, which led to priv escalation...
Fix of CVE: CVE-2021-3875, CVE-2021-3872, CVE-2021-3903
CVE-2021-3872: fix illegal memory access if buffer name is very long - CVE-2021-3875: fix mlget error after search with range - CVE-2021-3903: fix invalid memory access when scrolling without a valid screen...
Fix of CVE: CVE-2021-3326, CVE-2021-43396
CVE-2021-3326: avoid denial of service due to a failed assertion - CVE-2021-43396: check actual stored character in state reset code...
Fix of CVE: CVE-2017-20005
CVE-2017-20005: fix buffer overflow for years that exceed four digits...
Fix of CVE: CVE-2021-25219
CVE-2021-25219: Fix resolver performance degradation via lame cache abuse...
Fix of CVE: CVE-2017-6363, CVE-2021-40145
CVE-2021-40145: check for memory allocation errors processing GD2 images - CVE-2017-6363: make sure transparent index is within bounds of the palette...
Fix of CVE: CVE-2017-20005
CVE-2017-20005: fix buffer overflow for years that exceed four digits...
Fix of CVE: CVE-2021-39275
CVE-2021-39275: apescapequotes algorithm which led to buffer overflow...
Fix of CVE: CVE-2021-3778, CVE-2021-3796
CVE-2021-3778: crafted input leads to heap-based buffer overflow - CVE-2021-3796: crafted input leads to use-after-free...
Fix of CVE: CVE-2017-6363, CVE-2021-40145
CVE-2021-40145: check for memory allocation errors processing GD2 images - CVE-2017-6363: make sure transparent index is within bounds of the palette...
Fix of CVE: CVE-2020-25275, CVE-2020-12100
CVE-2020-12100: Resource exhaustion via deeply nested MIME parts - CVE-2020-25275: Denial of service via mail MIME parsing...
Fix of CVE: CVE-2021-3778, CVE-2021-3796
CVE-2021-3778: crafted input leads to heap-based buffer overflow - CVE-2021-3796: crafted input leads to use-after-free...
Fix of CVE: CVE-2021-39275
CVE-2021-39275: apescapequotes algorithm which led to buffer overflow...
Fix of CVE: CVE-2020-25275, CVE-2020-12100
CVE-2020-12100: Resource exhaustion via deeply nested MIME parts - CVE-2020-25275: Denial of service via mail MIME parsing...
Fix of CVE: CVE-2020-35452
CVE-2020-35452: fix stack overflow in modauthdigest due to crafted digest nonce...
Fix of CVE: CVE-2020-11868
CVE-2020-11868: incorrect handling of packets from unauthenticated synchronization source with spoofed IP address leads to denial of service...
Update of openssl-static, openssl-perl, openssl-devel, openssl, openssl-devel, openssl
Always check certificates from local root store first...
Fix of CVE: CVE-2020-26116, CVE-2020-8492, CVE-2018-20852, CVE-2020-27619
Add Oracle Linux distribution in platform.py - CVE-2018-20852: Prefix dot in domain for proper subdomain validation - CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client - CVE-2020-26116: http.client allows CRLF injection if...
Fix of CVE: CVE-2021-3487
CVE-2021-3487: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection...
Fix of CVE: CVE-2020-11868
CVE-2020-11868: incorrect handling of packets from unauthenticated synchronization source with spoofed IP address leads to denial of service...
Update of openssl-static, openssl-perl, openssl-devel, openssl, openssl-devel, openssl
Always check certificates from local root store first...
Fix of CVE: CVE-2020-35452
CVE-2020-35452: fix stack overflow in modauthdigest due to crafted digest nonce...
Fix of CVE: CVE-2018-20852, CVE-2020-8492, CVE-2020-26116, CVE-2020-27619
Add Oracle Linux distribution in platform.py - CVE-2018-20852: Prefix dot in domain for proper subdomain validation - CVE-2020-8492: Python allows an HTTP server to conduct Regular Expression Denial of Service ReDoS attacks against a client - CVE-2020-26116: http.client allows CRLF injection if...
Fix of CVE: CVE-2021-3487
CVE-2021-3487: excessive debug section size can cause excessive memory consumption in bfd's dwarf2.c readsection...
Fix of CVE: CVE-2020-10543
CVE-2020-10543: fix signed integer overflow leading to heap buffer overrun...
Fix of CVE: CVE-2020-10878
CVE-2020-10878: fix integer overflow leading to RCE...
Fix of CVE: CVE-2020-24513, CVE-2020-24489, CVE-2020-24512, CVE-2020-24511
Do not use "grep -q" in a pipe in checkcaveats. - Update Intel CPU microcode to microcode-20210608 release: - Fixes in releasenote.md file. - Update Intel CPU microcode to microcode-20210525 release, addresses CVE-2020-24489, CVE-2020-24511, CVE-2020-24512, and CVE-2020-24513 1962659, 1962709,...
Fix of CVE: CVE-2018-0739, CVE-2018-0737, CVE-2021-3712, CVE-2018-0732
fix CVE-2021-3712 - handling ASN.1 string as NULL terminated leads to read buffer overrun - Port patches from oracle6els branch, original changelog entry: - Oracle bug 28730228: backport CVE-2018-0732 - Oracle bug 28758493: backport CVE-2018-0737 - Merge upstream patch to fix CVE-2018-0739 -...
Fix of CVE: CVE-2021-38160, CVE-2021-3573, CVE-2021-38205, CVE-2021-3178, CVE-2021-20265, CVE-2021-3612, CVE-2021-32399, CVE-2021-37159, CVE-2014-4508, CVE-2021-28972, CVE-2021-34693, CVE-2021-20292
ELSCVE-666: CVE-2021-34693: can: bcm: fix infoleak in struct bcmmsghead - ELSCVE-705: CVE-2021-38160: virtioconsole: Assure used length from device is limited - ELSCVE-769: CVE-2014-4508: x8632, entry: Do syscall exit work on badsys CVE-2014-4508 - ELSCVE-844: CVE-2021-3573: Bluetooth: use...
Fix of CVE: CVE-2021-34693, CVE-2021-20292, CVE-2021-28972, CVE-2021-20265, CVE-2021-32399, CVE-2014-4508, CVE-2021-3612, CVE-2021-3178, CVE-2021-37159, CVE-2021-38205, CVE-2021-3573, CVE-2021-38160
ELSCVE-666: CVE-2021-34693: can: bcm: fix infoleak in struct bcmmsghead - ELSCVE-705: CVE-2021-38160: virtioconsole: Assure used length from device is limited - ELSCVE-769: CVE-2014-4508: x8632, entry: Do syscall exit work on badsys CVE-2014-4508 - ELSCVE-844: CVE-2021-3573: Bluetooth: use...
Fix of CVE: CVE-2021-22924
fix connection reuse checks for issuer cert and case sensitivity CVE-2021-22924...
Fix of CVE: CVE-2020-8517, CVE-2021-28651, CVE-2020-15049, CVE-2020-8449, CVE-2020-8450, CVE-2020-24606, CVE-2020-25097, CVE-2020-11945, CVE-2020-14058
CVE-2020-15049: fix incorrect validation of Content-Length field leading to Http smuggling and Poisoning attack - CVE-2020-14058: fix handling of unknown SSL errors which resulted in denial of service - CVE-2020-25097: fix improper input validation allowing HTTP smuggling from trusted client -...
Fix of CVE: CVE-2021-2388
Fix CVE-2021-2388 OpenJDK: Incorrect comparison during range check elimination...
Update of nscd, glibc-headers, glibc, glibc-utils, glibc-static, glibc-static, glibc-devel, glibc-devel, glibc, glibc-common
More precise DNS name checks accepting dash-.example.com, among other things...
Fix of CVE: CVE-2021-33909
ELS-130: netfilter: xtables: add missing tables zeroing - CLKRN-800: CVE-2021-33909: seqfile: disallow extremely large seq buffer allocation...
Fix of CVE: CVE-2021-33909
ELS-130: netfilter: xtables: add missing tables zeroing - CLKRN-800: CVE-2021-33909: seqfile: disallow extremely large seq buffer allocation...
Fix of CVE: CVE-2021-22925
telnet stack contents disclosure again CVE-2021-22925...
Fix of CVE: CVE-2021-22555
ELS-130: CVE-2021-22555: netfilter: xtables: fix compat match/target pad out-of-bound write...
Fix of CVE: CVE-2021-22555
ELS-130: CVE-2021-22555: netfilter: xtables: fix compat match/target pad out-of-bound write...
Fix of CVE: CVE-2021-22898
check sscanf for correct number of matches CVE-2021-22898...
Fix of CVE: CVE-2020-29661, CVE-2019-19532, CVE-2020-25656, CVE-2020-25211
CKSIX-277: CVE-2020-29661: tty: Fix -pgrp locking in tiocspgrp - CKSIX-277: CVE-2020-25656: vt: keyboard, extend funcbuflock to readers - CKSIX-277: CVE-2020-25656: tty/vt: fix write/write race in ioctlKDSKBSENT handler - CKSIX-277: CVE-2020-25656: vt: keyboard, simplify vtkdgkbsent - CKSIX-277:...
Fix of CVE: CVE-2020-25211, CVE-2020-25656, CVE-2019-19532, CVE-2020-29661
CKSIX-277: CVE-2020-29661: tty: Fix -pgrp locking in tiocspgrp - CKSIX-277: CVE-2020-25656: vt: keyboard, extend funcbuflock to readers - CKSIX-277: CVE-2020-25656: tty/vt: fix write/write race in ioctlKDSKBSENT handler - CKSIX-277: CVE-2020-25656: vt: keyboard, simplify vtkdgkbsent - CKSIX-277:...
Fix of CVE: CVE-2021-23840
Fixed integer overflow in CipherUpdateCVE-2021-23840...