ubuntu

CVE-2021-22173: Buildbot crash output: fuzz-2020-12-31-3467971.pcap (#17124) · Issues · Wireshark Foundation / wireshark · GitLab

Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or crafted capture file

3 years ago

CVE

Open in Source

#google #ubuntu #linux #dos #git #auth #ssl

CVE-2021-27219: CVE-2021-27219 (GHSL-2021-045): integer overflow in g_bytes_new/g_memdup (#2319) · Issues · GNOME / GLib

An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption.

3 years ago

CVE

Open in Source

#vulnerability #ubuntu #linux #git #c++

CVE-2021-21285: Docker Engine release notes

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.

3 years ago

CVE

Open in Source

#vulnerability #mac #windows #apple #ubuntu #linux #debian #js #git #oracle #kubernetes #aws #log4j #amd #auth #ssh #rpm #docker #ssl

CVE-2021-21285: Docker Engine release notes

In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.

3 years ago

CVE

Open in Source

#vulnerability #mac #windows #apple #ubuntu #linux #debian #js #git #oracle #kubernetes #aws #log4j #amd #auth #ssh #rpm #docker #ssl

CVE-2020-27733: List of bug fixes and feature enhancements

Zoho ManageEngine Applications Manager before 14 build 14880 allows an authenticated SQL Injection via a crafted Alarmview request.

CVE-2021-23239: Stable Release

The sudoedit personality of Sudo before 1.9.5 may allow a local unprivileged user to perform arbitrary directory-existence tests by winning a sudo_edit.c race condition in replacing a user-controlled directory by a symlink to an arbitrary path.

3 years ago

CVE

Open in Source

#mac #apple #ubuntu #linux #debian #js #git #intel #c++#perl #ldap #buffer_overflow #asus #auth #ssh #sap #ssl

CVE-2020-35488: GitHub - GuillaumePetit84/CVE-2020-35488

The fileop module of the NXLog service in NXLog Community Edition 2.10.2150 allows remote attackers to cause a denial of service (daemon crash) via a crafted Syslog payload to the Syslog service. This attack requires a specific configuration. Also, the name of the directory created must use a Syslog field. (For example, on Linux it is not possible to create a .. directory. On Windows, it is not possible to create a CON directory.)

3 years ago

CVE

Open in Source

#vulnerability #web #windows #ubuntu #linux #debian #dos #apache #git

CVE-2020-26422: Buildbot crash output: fuzz-2020-12-09-3589621.pcap (#17073) · Issues · Wireshark Foundation / wireshark · GitLab

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file

3 years ago

CVE

Open in Source

#ubuntu #linux #dos #git #c++#buffer_overflow

CVE-2020-26419: Buildbot crash output: fuzz-2020-11-19-20476.pcap (#17032) · Issues · Wireshark Foundation / wireshark · GitLab

Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.