November 8, 2021
Top Linux Vulnerabilities for November 2021 1. Buffer overflow in Golang (<1.16.9) Severity: Critical CVSS Score: 9.8 This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments can cause...
November 2, 2021
Linux Vulnerabilities of the Week: November 1, 2021 1. Unsafe deserialization of Xalan xsltc.trax.TemplatesImpl in XStream Severity: Important CVSS Score: 8.8 XStream is a simple library, used to serialize objects to XML and back again. This is a flaw in...
October 25, 2021
Linux Vulnerabilities of the Week: October 25, 2021 1. Buffer overflow in Golang (<1.16.9) Severity: Critical CVSS Score: 9.8 This is a validation flaw in Golang. When invoking functions from WASM modules built using GOARCH=wasm GOOS=js, passing very large arguments...
October 18, 2021
Linux Vulnerabilities of the Week: October 18, 2021 1. Apache HTTP server vulnerability Severity: Critical CVSS Score: 9.8 This is a path traversal and remote code execution flaw in Apache HTTP Server 2.4.49 and 2.4.50, which a remote attacker could...
October 13, 2021
Top Linux Vulnerabilities for October 2021 1. Missing input validation in domain names in Node.js Severity: Critical CVSS Score: 9.8 Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to remote code execution, Cross-site scripting (XSS), application crashes due to missing...
October 5, 2021
Linux Vulnerabilities of the Week: October 4, 2021 1. Apache HTTP Server (2.4.48 and earlier) vulnerability Severity: Critical CVSS Score: 9.8 ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data...
September 27, 2021
Linux Vulnerabilities of the Week: September 27, 2021 1. Missing input validation in domain names in Node.js Severity: Critical CVSS Score: 9.8 Node.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to remote code execution, Cross-site scripting (XSS), application crashes due...
September 20, 2021
Linux Vulnerabilities of the Week: September 20, 2021 1. Lack of certain index validation in GoGo Protobuf (< 1.3.2) Severity: Important CVSS Score: 8.6 This flaw allows a remote attacker to send crafted protobuf messages, causing a denial of service....
September 13, 2021
Top Linux Vulnerabilities for September 2021 1. Improper Input Validation in Node.js (<16.6.0, 14.17.4, and 12.22.4) affecting Red Hat Enterprise Linux 8 Severity: Critical CVSS Score: 9.8 Node.js is vulnerable to remote code execution, Cross-site scripting (XSS), application crashes...
September 6, 2021
Linux Vulnerabilities of the Week: September 6, 2021 1. Missing request length checks in LibX11 affecting Red Hat Enterprise Linux 8 Severity: Critical CVSS Score: 9.8 This is a missing validation flaw in libX11 before 1.7.1. The libX11 XLookupColor request...