Azure Linux 3.0 Security Update: python-tensorboard (CVE-2019-16276)

The version of python-tensorboard installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-16276 advisory. - Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. CVE-2019-16276 Note tha...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2020-275:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-275:01 advisory. golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling CVE-2019-16276 golang: invalid public key causes...

Linux Distros Unpatched Vulnerability : CVE-2019-16276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. CVE-2019-16276 Note that Nessus relies on the presence of the package as reported by th...

CVE-2019-16276 affecting package python-tensorboard for versions less than 2.16.2-2

CVE-2019-16276 affecting package python-tensorboard for versions less than 2.16.2-2. An upgraded version of the package is available that resolves this issue...

Oracle Linux 7 : kubernetes (ELSA-2019-4816)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4816 advisory. - CVE-2019-16276 Kubernetes Vulnerabilities Allow Authentication Bypass, DoS - CVE-2019-16276 Support patching flannel/dashboard on upgrade -...

SUSE CVE-2018-19270

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16276. Reason: This candidate is a reservation duplicate of CVE-2018-16276. Notes: All CVE users should reference CVE-2018-16276 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...

SUSE CVE-2019-16276

Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling...

CVE-2017-16276

Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker...

CVE-2017-16276

Summary of CVE-2017-16276 (Insteon Hub) : The Insteon Hub (firmware 1012) PubNub message handler on channel “cc” contains multiple stack-based buffer overflow vulnerabilities triggered by malformed JSON in the authenticated HTTP request. In particular, the code copies user-supplied strings (for k...

K14652952: yurex USB driver vulnerability CVE-2018-16276

Security Advisory Description An issue was discovered in yurexread in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges...

SUSE: Security Advisory (SUSE-SU-2018:3618-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:3003-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DLA-2591-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 2592-1] golang-1.8 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2592-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler March 13, 2021 https://wiki.debian.org/LTS -...

[SECURITY] [DLA 2591-1] golang-1.7 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2591-1 [email protected] https://www.debian.org/lts/security/ Sylvain Beucler March 13, 2021 https://wiki.debian.org/LTS -...

CentOS 8 : go-toolset:rhel8 (CESA-2020:0329)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:0329 advisory. - golang: HTTP/1.1 headers with a space before the colon leads to filter bypass or request smuggling CVE-2019-16276 - golang: invalid public key causes...

CVE-2020-16276

CVE-2020-16276 describes an SQL injection in the Assets component of SAINT Security Suite versions 8.0 through 9.8.20 . The vulnerability allows a remote, authenticated attacker to gain unauthorized access to the database, as stated in multiple sources. The provided documents do not include expli...

Security Bulletin: Vulnerability in Go programming language affects IBM Spectrum Protect Server (CVE-2019-16276)

Summary The Go programming language could allow a remote attacker to bypass security restrictions which affects the IBM Spectrum Protect Server. Vulnerability Details CVEID: CVE-2019-16276 DESCRIPTION: Golang could allow a remote attacker to bypass security restrictions, caused by improper...

Security Bulletin: IBM Event Streams is affected by Go vulnerability CVE-2019-16276

Summary IBM Event Streams has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2019-16276 DESCRIPTION: Golang could allow a remote attacker to bypass security restrictions, caused by improper validation of HTTP header. By sending a specially-crafted request, an attacker cou...

Security Bulletin: A Security Vulnerability affects IBM Cloud Private - Go (CVE-2019-16276)

Summary A Security Vulnerability affects IBM Cloud Private - Go Vulnerability Details CVEID: CVE-2019-16276 DESCRIPTION: Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. CVSS Base score: 5.3 CVSS Temporal Score: See:...