34 matches found
Amazon Linux 2023 : libnvfatbin-12, libnvfatbin-devel-12 (ALAS2023NVIDIA-2025-199)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023NVIDIA-2025-199 advisory. NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to...
EUVD-2022-25925
Malicious code in bioql PyPI...
CVE-2024-54136
ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 5.5.1 Revision 199 and below is vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upload/upload.php where the user supplied input via collection get parameter is directly provided to...
Slackware Linux 15.0 / current openssl Multiple Vulnerabilities (SSA:2024-199-01)
The version of openssl installed on the remote host is prior to 1.1.1za. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2024-199-01 advisory. New openssl packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the...
Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2023-199)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-199 advisory. RPCoRDMA dissector crash in Wireshark 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows denial of service via packet injection or crafted capture file (CVE-2023-1992). LISP dissector large loop in Wiresha...
CVE-2022-20675
A vulnerability in the TCP/IP stack of Cisco Email Security Appliance ESA, Cisco Web Security Appliance WSA, and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol SNMP service...
Multiple Cisco Security Products Simple Network Management Protocol Service Denial of Service Vulnerability
A vulnerability in the TCP/IP stack of Cisco Email Security Appliance ESA, Cisco Web Security Appliance WSA, and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol SNMP service...
Multiple Cisco Products Security Vulnerabilities
Cisco Email Security Appliance ESA and so on are products of Cisco USA. Cisco Email Security Appliance is an email security appliance. Cisco Web Security Appliance WSA is a Web Security Appliance. Cisco Secure Email is A security vulnerability exists in the Cisco Email Security Appliance ESA, Cisco...
CVE-2017-18473
CVE-2017-18473 affects cPanel before 62.0.4, where the Webmail Password and Security page is vulnerable to a self-XSS due to insufficient input validation. Root cause cited in CNVD as lack of proper validation of client-side data. Impact is self-XSS on affected page; exploitation details are not ...
CVE-2018-13298
Channel accessible by non-endpoint vulnerability in privacy page in Synology Android Moments before 1.2.3-199 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors...
openSUSE Security Update : libdb-4_8 (openSUSE-2018-199)
This update for libdb-4_8 fixes the following issues: - A DB_CONFIG file in the current working directory allowed local users to obtain sensitive information via a symlink attack involving a setgid or setuid application using libdb-4_8. (bsc#1043886) This update was imported from the SUSE:SLE-12:Updat...
Slackware 14.2 / current : gd (SSA:2017-199-02)
New gd packages are available for Slackware 14.2 and -current to fix security issues. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2017-199-02. The text itself is copyright (C) Slackware...
CVE-2016-9637
The (1) ioportread and (2) ioportwrite functions in Xen, when qemu is used as a device model within Xen, might allow local x86 HVM guest OS administrators to gain qemu process privileges via vectors involving an out-of-range ioport access...
OracleVM 3.3 : xen (OVMSA-2016-0171)
The remote OracleVM system is missing necessary patches to address critical security updates : - qemuup: ioportread, ioportwrite: be defensive about 32-bit addresses On x86, ioport addresses are 16-bit. That these functions take 32-bit arguments is a mistake. Changing the argument type to 16-bit...
FedRAMP High Baseline Requirements Published
The Federal Risk and Authorization Management Program FedRAMP Project Management Office officially released its High baseline for High impact-level systems. This baseline is at the High/High/High categorization level for confidentiality, integrity, and availability in accordance with FIPS 199; an...
Amazon Linux: Security Advisory (ALAS-2013-199)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Windows x86 - user32!MessageBox "Hello World!" 199 Bytes Null-Free
Windows x86 - user32!MessageBox "Hello World!" 199 Bytes Null-Free. Shellcode exploit for win32 platform / This file was automatically generated by mkhex.sh, which, together with the complete and heavily commented assembly source code for this shellcode, is available at...
Debian DLA-199-1 : libx11 security update
Abhishek Arya discovered a buffer overflow in the MakeBigReq macro provided by libx11, which could result in denial of service or the execution of arbitrary code. Several other xorg packages e.g. libxrender will be recompiled against the fixed package after the release of this update. For detaile...