• November 8, 2021

    Top Linux Vulnerabilities for November 2021 1. Buffer overflow in Golang (<1.16.9) Severity: Critical CVSS Score: 9.8 This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments can cause...

  • November 2, 2021

    Linux Vulnerabilities of the Week: November 1, 2021 1. Unsafe deserialization of Xalan xsltc.trax.TemplatesImpl in XStream Severity: Important CVSS Score: 8.8 XStream is a simple library, used to serialize objects to XML and back again. This is a flaw in...

  • October 25, 2021

    Linux Vulnerabilities of the Week: October 25, 2021 1. Buffer overflow in Golang (<1.16.9) Severity: Critical CVSS Score: 9.8 This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments...

  • October 18, 2021

    Linux Vulnerabilities of the Week: October 18, 2021 1. Apache HTTP server vulnerability Severity: Critical CVSS Score: 9.8 This is a path traversal and remote code execution flaw in Apache HTTP Server 2.4.49 and 2.4.50, which a remote attacker could...

  • October 13, 2021

    Top Linux Vulnerabilities for October 2021 1. Missing input validation in domain names in Node.js Severity: Critical CVSS Score: 9.8 Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to remote code execution, Cross-site scripting (XSS), application crashes due to missing...

  • October 5, 2021

    Linux Vulnerabilities of the Week: October 4, 2021 1. Apache HTTP Server (2.4.48 and earlier) vulnerability Severity: Critical CVSS Score: 9.8 ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data...

  • September 27, 2021

    Linux Vulnerabilities of the Week: September 27, 2021 1. Missing input validation in domain names in Node.js Severity: Critical CVSS Score: 9.8 Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to remote code execution, Cross-site scripting (XSS), application crashes due...

  • September 20, 2021

    Linux Vulnerabilities of the Week: September 20, 2021 1. Lack of certain index validation in GoGo Protobuf (< 1.3.2) Severity: Important CVSS Score: 8.6 This flaw allows a remote attacker to send crafted protobuf messages, causing a denial of service....

  • September 13, 2021

    Top Linux Vulnerabilities for September 2021 1. Improper Input Validation in Node.js (<16.6.0, 14.17.4, and 12.22.4) affecting Red Hat Enterprise Linux 8 Severity: Critical CVSS Score: 9.8 Node.js is vulnerable to remote code execution, Cross-site scripting (XSS), application crashes...

  • September 6, 2021

    Linux Vulnerabilities of the Week: September 6, 2021 1. Missing request length checks in LibX11 affecting Red Hat Enterprise Linux 8 Severity: Critical CVSS Score: 9.8 This is a missing validation flaw in libX11 before 1.7.1. The libX11 XLookupColor request...