OPENSUSE-SU-2024:10520-1 perl-YAML-LibYAML-0.59-2.11 on GA media

These are all security issues fixed in the perl-YAML-LibYAML-0.59-2.11 package on the GA media of openSUSE Tumbleweed...

AZL-34904 CVE-2023-44487 affecting package kubevirt for versions less than 0.59.0-9

The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023...

@acaciomartins/react-native-simpletable (>=0.0.1 <=0.0.2), @alan-ai/alan-sdk-react-native (>=1.0.4 <=1.0.7) +1206 more potentially affected by CVE-2020-1920 via react-native (>=0.59.0 <=0.62.2)

react-native NPM version =0.59.0, =0.0.1, =1.0.4, =2.3.3, =2.0.1, =2.0.1758683737, =2.1.87, =1.0.1767254401, =1.3.0, =0.1.0, =0.1.0, =0.1.1, =0.1.3 and more Source cves: CVE-2020-1920 Source advisory: OSV:GHSA-7F53-FMMV-MFJV...

Rocket.Chat Server SQL Injection Vulnerability

Rocket.Chat Server is a Web-based open source online chat platform. A security vulnerability exists in Rocket.Chat Server 0.59 and earlier versions. An attacker can exploit the vulnerability to take control of the administrator account...

CVE-2011-4607

PuTTY 0.59 through 0.61 does not clear sensitive process memory when managing user replies that occur during keyboard-interactive authentication, which might allow local users to read login passwords by obtaining access to the process' memory...

PuTTY SSH身份验证密码信息泄露漏洞

BUGTRAQ ID: 51021 PuTTY是Windows和Unix平台上的PuTTYTelnet和SSH的实现，带有xterm终端模拟器。 PuTTY 0.59到0.61版本没有删除身份验证过程中用户输入的内容，在内存中保存了用户的密码，成功利用后可使攻击者获取敏感信息。 Simon Tatham PuTTY 0.61 Simon Tatham PuTTY 0.60 Simon Tatham PuTTY 0.59 厂商补丁： Simon Tatham ------------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

CVE-2006-7162

PuTTY 0.59 and earlier uses weak file permissions for 1 ppk files containing private keys generated by puttygen and 2 session logs created by putty, which allows local users to gain sensitive information by reading these files...

CVE-2006-7162

PuTTY 0.59 and earlier is affected by weak file permissions on (1) ppk files containing private keys and (2) session logs, enabling local users to read sensitive information. The connected Red Hat, Ubuntu, Debian, OSV, and CVE aggregations confirm the same issue across multiple sources. Root caus...

RHEL 2.1 : gaim (RHSA-2002:122)

"Updated gaim packages are now available for Red Hat Linux Advanced Server. These updates fix a buffer overflow in the Jabber plug-in module. Gaim is an instant messaging client based on the published TOC protocol from AOL. Versions of gaim prior to 0.58 contain a buffer overflow in the Jabber...