22 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-20337
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or...
CVE-2025-20337
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system as root. The attacker does not require any valid credentials to exploit this vulnerability. This vulnerability is due to...
Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code
Cisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could permit an attacker to execute arbitrary code on the underlying operating system with elevated privileges. Tracked as CVE-2025-20337,...
CVE-2025-20337
creationtimestamp | type | source
---|---|---
2025-06-26 04:00:00+00:00 | seen | https://www.govcert.gov.hk/en/alertsdetail.php?id=1579
2025-07-16 16:29:38+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114863857818669082
2025-07-17 03:00:00+00:00 | seen | ...
CVE-2019-20337
creationtimestamp | type | source
---|---|---
2024-03-19 14:46:43+00:00 | seen | https://t.me/ctinow/211558...
Cisco Issues Patch for High-Severity VPN Hijacking Bug in Secure Client
Cisco has released patches to address a high-severity security flaw impacting its Secure Client software that could be exploited by a threat actor to open a VPN session with that of a targeted user. The networking equipment company described the vulnerability, tracked as CVE-2024-20337 CVSS score...
CVE-2024-20337
Cisco Secure Client (formerly AnyConnect) is affected by CVE-2024-20337, a CRLF injection in the SAML authentication flow due to insufficient input validation. An unauthenticated, remote attacker could entice a user to click a crafted link during VPN session establishment, enabling script executi...
Rocky Linux 8 : GNOME (RLSA-2020:1766)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:1766 advisory. - There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of...
SUSE CVE-2018-20337
There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...
AlmaLinux 8 : GNOME (ALSA-2020:1766)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:1766 advisory. - There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of servic...
CVE-2021-20337
creationtimestamp | type | source
---|---|---
2021-07-26 16:11:34+00:00 | seen | https://t.me/cibsecurity/26488...
CVE-2021-20337
IBM QRadar SIEM versions affected: 7.3.0–7.3.3 Patch 8 and 7.4.0–7.4.3 GA. Root cause: weaker-than-expected cryptographic algorithms leading to potential decryption of highly sensitive information. Impact: information disclosure as described in multiple sources (CVE-2021-20337). Remediation/mitig...
Security Bulletin: IBM QRadar SIEM uses weaker than expected cryptographic algorithms (CVE-2021-20337)
Summary: IBM QRadar SIEM uses weaker than expected cryptographic algorithms. Vulnerability Details: CVEID: CVE-2021-20337. DESCRIPTION: IBM QRadar uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. CVSS Base score: 5.9. CVSS Tempora...
CVE-2019-20337
In PHP Scripts Mall advanced-real-estate-script 4.0.9, the news_edit.php news_id parameter is vulnerable to SQL Injection...
CVE-2019-20337
Summary: CVE-2019-20337 affects PHP Scripts Mall advanced-real-estate-script 4.0.9. The vulnerability is in news_edit.php, where the news_id parameter is vulnerable to SQL Injection. The root cause is improper input validation/sanitization of externally provided SQL statements. Reported impact in...
openSUSE Security Update : libraw (openSUSE-2019-94)
This update for libraw fixes the following issues: Security issues fixed: - CVE-2018-20337: Fixed a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp (bsc#1120519) - CVE-2018-20365: Fixed a heap-based buffer overflow in the raw2image function of libraw_cxx.cpp (bsc#1120500)...
openSUSE: Security Advisory for libraw (openSUSE-SU-2019:0094-1)
The remote host is missing an update for the...
SUSE SLED15 / SLES15 Security Update : libraw (SUSE-SU-2019:0133-1)
This update for libraw fixes the following issues: Security issues fixed: - CVE-2018-20337: Fixed a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp (bsc#1120519) - CVE-2018-20365: Fixed a heap-based buffer overflow in the raw2image function of libraw_cxx.cpp (bsc#1120500)...
Fedora 29 : LibRaw (2018-801432b551)
Fixes for CVE-2018-20337, CVE-2018-20363, CVE-2018-20364, CVE-2018-20365 https://www.libraw.org/news/libraw-0-19-2-release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean...
CVE-2018-20337
There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact...