42 matches found
Socomec DIRIS A-40 Devices Password Disclosure
Socomec DIRIS A-40 devices before 48250501 are susceptible to a password disclosure vulnerability in the web interface that could allow remote attackers to get full access to a device via the /password.jsn URI. id: CVE-2019-15859 info: name: Socomec DIRIS A-40 Devices Password Disclosure author:...
MiracleLinux 8 : virt:rhel and virt-devel:rhel (AXSA:2022-2938:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-2938:01 advisory. - QEMU: net: e1000e: use-after-free while sending packets (CVE-2020-15859) - QEMU: slirp: invalid pointer initialization may lead to information disclosur...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xkbcomp (SUSE-SU-2025:4426-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4426-1 advisory. - CVE-2018-15863: NULL pointer dereference triggered by a crafted keymap file with a no-op...
Security update for xkbcomp
This update for xkbcomp fixes the following issues: - CVE-2018-15863: NULL pointer dereference triggered by a crafted keymap file with a no-op modmask expression can lead to a crash (bsc#1105832). - CVE-2018-15861: NULL pointer dereference triggered by a crafted keymap file that induces an xkbinternat...
Fedora 42 : xkbcomp (2025-e110b32ac7)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-e110b32ac7 advisory. xkbcomp 1.5.0 CVE-2018-15853, CVE-2018-15859, CVE-2018-15861, CVE-2018-15863 Tenable has extracted the preceding description block directly from the...
Linux Distros Unpatched Vulnerability : CVE-2020-15859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - QEMU 4.2.0 has a use-after-free in hw/net/e1000e_core.c because a guest OS user can trigger an e1000e packet with the data's address set to the e1000e's MMIO...
SUSE: Security Advisory (SUSE-SU-2024:0037-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
SUSE SLES12 Security Update : libxkbcommon (SUSE-SU-2024:0037-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0037-1 advisory. - Endless recursion exists in xkbcomp/expr.c in xkbcommon and libxkbcommon before 0.8.1, which could be used by local attackers to...
NewStart CGSL CORE 5.05 / MAIN 5.05 : mesa-libGLw Multiple Vulnerabilities (NS-SA-2023-0024)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has mesa-libGLw packages installed that are affected by multiple vulnerabilities: - An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string...
SUSE CVE-2018-15859
Unchecked NULL pointer usage when parsing invalid atoms in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash (NULL pointer dereference) the xkbcommon parser by supplying a crafted keymap file, because lookup failures are mishandled...
Debian: Security Advisory (DLA-3099-1)
The remote host is missing an update for the Debian...
CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:4191)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4191 advisory. - QEMU: net: e1000e: use-after-free while sending packets (CVE-2020-15859) - QEMU: slirp: invalid pointer initialization may lead to information disclosu...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2021:4191)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4191 advisory. Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
ALSA-2021:4191 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
RLSA-2021:4191 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine (KVM) offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting wi...
SUSE: Security Advisory (SUSE-SU-2018:3685-1)
The remote host is missing an update for the...
Debian DLA-2560-1 : qemu security update
Several vulnerabilities were discovered in QEMU, a fast processor emulator notably used in KVM and Xen HVM virtualization. An attacker could trigger a denial of service (DoS), information leak, and possibly execute arbitrary code with the privileges of the QEMU process on the host. CVE-2020-15469 A...
Debian: Security Advisory (DLA-2560-1)
The remote host is missing an update for the Debian...
Ubuntu: Security Advisory (USN-4725-1)
The remote host is missing an update for the...