RHEL 6 : ovmf (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssl: Malformed X.509 IPAdressFamily could cause OOB read CVE-2017-3735 - openssl: 0-byte record paddi...

Exploit for Improper Input Validation in Paloaltonetworks Pan-Os

CVE-2024-3400 !POChttps://github.com/schooldropout1337/CVE...

CentOS 9 : c-ares-1.19.1-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the c-ares-1.19.1-1.el9 build changelog. - AutoTools does not set CARESRANDOMFILE during cross compilation rhel-9 CVE-2023-31124 - Buffer Underwrite in aresinetnetpton rhel-9...

c security update

CentOS Errata and Security Advisory CESA-2023:3741 An update for c-ares is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Important: c-ares

Issue Overview: Denial of Service. An issue in c-ares was found where a 0-byte UDP payload can cause a Denial of Service CVE-2023-32067. Affected Packages: c-ares Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core an...

RHEL 8 : nodejs:16 (RHSA-2023:4034)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:4034 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

Important: Red Hat Security Advisory: c-ares security update

An update for c-ares is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...

Important: Red Hat Security Advisory: c-ares security update

An update for c-ares is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as...

RHEL 8 : c-ares (RHSA-2023:3662)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3662 advisory. The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: 0-byte UDP payload...

RHEL 9 : c-ares (RHSA-2023:3559)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3559 advisory. The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: 0-byte UDP payload...

RHEL 9 : c-ares (RHSA-2023:3583)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:3583 advisory. The c-ares C library defines asynchronous DNS Domain Name System requests and provides name resolving API. Security Fixes: c-ares: 0-byte UDP payload...

RHEL 9 : nodejs (RHSA-2023:3586)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:3586 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language...

CVE-2023-32067

A vulnerability was found in c-ares. This issue occurs due to a 0-byte UDP payload that can cause a Denial of Service...

SUSE: Security Advisory (SUSE-SU-2019:0600-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2019:14092-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-11045

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access...

CVE-2019-11045

In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte. This could lead to security vulnerabilities, e.g. in applications checking paths that the code is allowed to access...

openssl security update

CentOS Errata and Security Advisory CESA-2019:2304 An update for openssl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Scientific Linux Security Update : openssl on SL7.x x86_64 (20190806)

Security Fixes : - openssl: 0-byte record padding oracle CVE-2019-1559 - openssl: timing side channel attack in the DSA signature algorithm CVE-2018-0734 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid128247;...

openssl security update

1.0.2k-19.0.1 - Bump release for rebuild. 1.0.2k-19 - close the RSA decryption 9 lives of Bleichenbacher cat timing side channel 1649568 1.0.2k-18 - fix CVE-2018-0734 - DSA signature local timing side channel - fix CVE-2019-1559 - 0-byte record padding oracle - close the RSA decryption One & done...