MiracleLinux 7 : OpenEXR-1.7.1-8.el7 (AXSA:2020-656:02)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-656:02 advisory. OpenEXR: out-of-bounds read during Huffman uncompression CVE-2020-11761 OpenEXR: std::vector out-of-bounds read and write in ImfTileOffsets.cpp...

MiracleLinux 4 : firefox-68.2.0-4.0.1.AXS4 (AXSA:2019-4386:06)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4386:06 advisory. Mozilla: Memory safety bugs fixed in Firefox 70 and Firefox ESR 68.2 CVE-2019-11764 Mozilla: Use-after-free when creating index updates in IndexedDB...

Linux Distros Unpatched Vulnerability : CVE-2020-11763

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp. CVE-2020-11763 Not...

CVE-2024-11763

The Plezi plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'plezi' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...

CVE-2024-11763

creationtimestamp| type| source ---|---|--- 2024-12-14 04:48:38+00:00| seen| https://infosec.exchange/users/cve/statuses/113649366985416021...

CVE-2024-11763 Plezi <= 1.0.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Plezi plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'plezi' shortcode in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...

Oracle Linux 8 : httpd:2.4 (ELSA-2024-3121)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3121 advisory. - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 - Resolves: RHEL-29817 - httpd:2.4/modhttp2: httpd:...

httpd:2.4 security update

httpd 2.4.37-64.0.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-64 - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 2.4.37-63 - modxml2enc: fix media type handling Resolves: RHEL-14321 modhttp2 1.15.7-10 - Resolves: RHEL-29817 -...

RHEL 6 : openexr (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - OpenEXR: Heap-buffer-overflow in Imf25::copyIntoFrameBuffer CVE-2021-23169 - OpenEXR: Heap Overflow in...

RHEL 6 / 7 : httpd24 (RHSA-2018:3558)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3558 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. The httpd24 packages provide a recent stable release of...

BELL-CVE-2018-11763 CVE-2018-11763 does not affect BellSoft software

Bulletin has no description...

K28902827: Apache mod_http2 vulnerability CVE-2018-11763

Security Advisory Description In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not...

SUSE CVE-2018-11763

In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol...

Ubuntu: Security Advisory (USN-4202-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Slackware: Security Advisory (SSA:2019-295-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2018-11763

creationtimestamp| type| source ---|---|--- 2022-02-18 16:23:37+00:00| seen| https://t.me/cyberdenteam/354...

Mageia: Security Advisory (MGASA-2019-0315)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GLSA-202107-27 : OpenEXR: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202107-27 OpenEXR: Multiple vulnerabilities Multiple vulnerabilities have been discovered in OpenEXR. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for detail...

NewStart CGSL CORE 5.05 / MAIN 5.05 : OpenEXR Multiple Vulnerabilities (NS-SA-2021-0149)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has OpenEXR packages installed that are affected by multiple vulnerabilities: - An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by...

KLA12363 DoS vulnerability in Apache HTTP Server

Denial of service vulnerability was found in Apache HTTP Server. Malicious users can exploit this vulnerability to cause denial of service. Original advisories Fixed in Apache HTTP Server 2.4.35 Related products Apache-HTTP-Server CVE list CVE-2018-11763 high Solution Update to the latest version...