17 matches found
Fedoraproject Fedora SEoL (19.x)
According to its version, Fedoraproject Fedora is 19.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. ...
Dell EMC NetWorker Improper Authorization (DSA-2023-294)
The version of Dell EMC NetWorker installed on the remote Windows host is 19.7.0.x prior to 19.7.0.5, 19.7.1.x, 19.8.x prior to 19.8.0.3, or 19.9.x prior to 19.9.0.2. It is, therefore, affected by an improper authorization vulnerability in the NetWorker client. An unauthenticated attacker within...
Node.js 16.x < 16.19.1, 18.x < 18.14.1, 19.x < 19.2.0 DoS Vulnerability - Mac OS X
Node.js is prone to a denial of service (DoS) vulnerability. Copyright (C) 2023 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...
Asterisk Multiple Vulnerabilities (AST-2022-007, AST-2022-008, AST-2022-009)
Asterisk is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; if description...
Input validation
Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x, 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x, 19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation of Certificate with Host Mismatch vulnerability in RabbitMQ port 5671 which could allow remote...
CVE-2022-26651
An issue was discovered in Asterisk through 19.x and Certified Asterisk through 16.8-cert13. The func_odbc module provides possibly inadequate escaping functionality for backslash characters in SQL queries, resulting in user-provided data creating a broken SQL query or possibly a SQL injection. Th...
Asterisk SQLi Vulnerability (AST-2022-003)
Asterisk is prone to an SQL injection (SQLi) vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:digium:asterisk"; if...
PT-2020-16033 · Hyland · Onbase
Name of the Vulnerable Software and Affected Versions: Hyland OnBase versions prior to 18.0.0.33 and versions 19.x through 19.8.9.1000 Description: An issue exists where directory traversal is possible, allowing writing to files. This is demonstrated through the FileName parameter. Recommendation...
OpenWrt uhttpd Buffer Overflow Vulnerability
OpenWrt is a Linux operating system for embedded devices. uhttpd is one of the HTTP services. A buffer overflow vulnerability exists in uhttpd in OpenWrt versions 18.06.5 and earlier and versions 19.x through 19.07.0-rc2. The vulnerability originates when a network system or product performs an...
Centreon Cross-Site Scripting Vulnerability (CNVD-2019-46409)
Centreon (Merethis Centreon) is a set of open source system monitoring tools from the French company Centreon. The product mainly provides monitoring functions on the network, system and application resources. A cross-site scripting vulnerability exists in Centreon versions prior to 2.8.30, 18.x...
CVE-2019-16195
Centreon (Merethis Centreon) is vulnerable to Cross-Site Scripting via the myAccount alias and name fields in versions prior to: 2.8.30, 18.x prior to 18.10.8, and 19.x prior to 19.04.5. The root cause is a lack of proper validation of client-side data by the WEB application, enabling XSS payload...
flash-plugin: multiple code execution issues fixed in APSB16-25
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4172,...
CVE-2016-4176
Adobe Flash Player before 18.0.0.366 and 19.x through 22.x before 22.0.0.209 on Windows and OS X and before 11.2.202.632 on Linux allows attackers to execute arbitrary code or cause a denial of service (stack memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4177...
CVE-2016-1012
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1020,...
flash-plugin: multiple code execution issues fixed in APSB16-10
Adobe Flash Player before 18.0.0.343 and 19.x through 21.x before 21.0.0.213 on Windows and OS X and before 11.2.202.616 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-1012,...
UBUNTU-CVE-2015-8068
Use-after-free vulnerability in Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allows attackers to execute...
PT-2015-2426 · Adobe +3 · Flash Player +3
Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 18.x through 18.0.0.252 Adobe Flash Player versions 19.x through 19.0.0.207 Adobe Flash Player versions 11.x through 11.2.202.535 Description: The issue is related to errors in the code of the Flash Player platform...