Moderate: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security and bug fix update

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

RLSA-2023:0099 Moderate: virt:rhel and virt-devel:rhel security and bug fix update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting wi...

Security Bulletin: IBM Security Proventia Network Active Bypass is affected by openssl vulnerabilities (CVE-2017-3735)

Summary IBM Security Proventia Network Active Bypass has addressed the following vulnerabilities. CVE-2017-3735 Vulnerability Details CVEID: CVE-2017-3735 DESCRIPTION: OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error while parsing an IPAdressFamily extensi...

Security Bulletin: GNU C library (glibc) vulnerability affects IBM Security Network Active Bypass (CVE-2015-7547)

Summary A GNU C library glibc stack-based buffer overflow in getaddrinfo vulnerability affects IBM Security Network Active Bypass Vulnerability Details CVEID: CVE-2015-7547 DESCRIPTION: GNU C Library glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the...

lrzip buffer overflow vulnerability

lrzip Long Range ZIP is an open source compression utility for large files. A buffer overflow vulnerability exists in the 'read1g' function in the stream.c file of liblrzip.so in lrzip version 0.631. A remote attacker can exploit this vulnerability to cause a denial of service heap buffer overflo...

PT-2017-18574 · Lrzip +1 · Lrzip +1

Name of the Vulnerable Software and Affected Versions: lrzip version 0.631 Description: The issue allows remote attackers to cause a denial of service, resulting in a heap-based buffer overflow and application crash, or possibly have other unspecified impacts via a crafted archive. This is due to...

CVE-2015-4213

CVE-2015-4213 affects Cisco NX-OS 1.1(1g) on Nexus 9000 series devices, enabling remote authenticated users to discover cleartext passwords via the decryption mechanism (Bug CSCuu84391). Root cause is the decryption implementation, which allows exposure of plaintext credentials. The issue is miti...

CVE-2009-4295

Sun Ray Server Software 4.0 and 4.1 does not generate a unique DSA private key for the firmware on each Sun Ray 1, 1g, 100, and 150 DTU device, which makes it easier for remote attackers to obtain sensitive information by predicting a key and then using it to decrypt sniffed network traffic...