19 matches found
CVE-2025-11933
Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with duplicate CKS extensions...
Linux Distros Unpatched Vulnerability : CVE-2025-11933
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to...
CVE-2025-11933
creationtimestamp| type| source ---|---|--- 2025-11-21 23:51:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m66hzpaybf2a...
UBUNTU-CVE-2025-11933
Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message with duplicate CKS extensions...
AlmaLinux 10 : sqlite (ALSA-2025:11933)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:11933 advisory. sqlite: Integer Truncation in SQLite CVE-2025-6965 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note that...
CVE-2020-11933
creationtimestamp| type| source ---|---|--- 2020-07-29 20:55:27+00:00| seen| https://t.me/cibsecurity/13740...
CVE-2020-11933
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security...
CVE-2020-11933 local snapd exploit through cloud-init
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security...
CVE-2020-11933
The CVE-2020-11933 issue affects Ubuntu Core 16/18 when cloud-init is managed by snapd. It describes cloud-init running with no boot-time restrictions, enabling a physical attacker to craft cloud-init user-data/meta-data on external media to perform arbitrary changes and bypass security controls ...
Ubuntu: Security Advisory (USN-4424-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 31 : snapd (2020-ccb155ea2c)
Update to v2.45.2 to fix CVE-2020-11933 and CVE-2020-11934 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : snapd vulnerabilities (USN-4424-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4424-1 advisory. It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without...
Fedora 32 : snapd (2020-7685deba9b)
Update to v2.45.2 to fix CVE-2020-11933 and CVE-2020-11934 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
USN-4424-1: snapd vulnerabilities
It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without restrictions. A physical attacker could exploit this to craft cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intende...
CVE-2020-11933
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security...
CVE-2019-11933
A heap buffer overflow bug in libpldroidsonroidsgif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial of service...
CVE-2019-11933
This CVE affects libpl_droidsonroids_gif before 1.2.19, used by WhatsApp for Android up to version 2.19.291. The root cause is a heap buffer overflow in the GIF handling component, which could allow remote attackers to execute arbitrary code or cause a denial of service. A remediation is to updat...
CVE-2018-11933
CVE-2018-11933 is rejected/not used and does not represent an active vulnerability entry.
CVE-2018-11933
...