49 matches found
MiracleLinux 8 : pcre-8.42-6.el8 (AXSA:2021-2716:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2716:01 advisory. pcre: Buffer over-read in JIT when UTF is disabled and \X or \R has fixed quantifier greater than 1 CVE-2019-20838 pcre: Integer overflow when parsi...
CVE-2026-20838
Generation of error message containing sensitive information in Windows Kernel allows an authorized attacker to disclose information locally...
CVE-2026-20838
creationtimestamp| type| source ---|---|--- 2026-01-13 18:01:16+00:00| seen| https://www.thezdi.com/blog/2026/1/13/the-january-2026-security-update-review 2026-01-13 18:16:30+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0007 2026-04-10 10:53:42+00:00| seen|...
CVE-2026-20838 Windows Kernel Information Disclosure Vulnerability
...
AlmaLinux 9 : zziplib (ALSA-2025:20838)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:20838 advisory. zziplib: directory traversal in unzzipcat in the bins/unzzipcat-mem.c CVE-2018-17828 Tenable has extracted the preceding description block directly from the...
RHEL 9 : zziplib (RHSA-2025:20838)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:20838 advisory. The zziplib is a lightweight library to easily extract data from zip files. Security Fixes: zziplib: directory traversal in unzzipcat in the...
TencentOS Server 3: pcre (TSSA-2022:0216)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0216 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2024-20838
Improper validation vulnerability in Samsung Internet prior to version 24.0.3.2 allows local attackers to execute arbitrary code...
CVE-2023-20838
In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418...
Linux Distros Unpatched Vulnerability : CVE-2019-20838
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to...
Security Bulletin: IBM Aspera Shares is vulnerable to multiple high severity vulnerabilities (CVE-2022-1586, CVE-2022-4304, CVE-2023-0215, CVE-2023-0286, CVE-2019-20838, CVE-2022-2068, CVE-2022-1587)
Summary This Security Bulletin addresses multiple high severity OpenSSL security vulnerabilities that have been remediated in IBM Aspera Shares 1.10.0 PL4. Vulnerability Details CVEID:CVE-2022-1586 DESCRIPTION: PCRE2 could allow a remote attacker to execute arbitrary code on the system, caused by...
Security Bulletin: IBM Aspera Console has addressed multiple PCRE and PCRE2 library vulnerabilities (CVE-2022-1587, CVE-2019-20838, CVE-2022-1586)
Summary This Security Bulletin addresses security vulnerabilities related to PCRE and PCRE2 library vulnerabilities that have been remediated CVE-2022-1587, CVE-2019-20838, CVE-2022-1586 in IBM Aspera Console 3.4.2 PL5. Vulnerability Details CVEID:CVE-2022-1587 DESCRIPTION: PCRE2 could allow a...
CVE-2024-20838
creationtimestamp| type| source ---|---|--- 2024-03-05 06:22:26+00:00| seen| https://t.me/ctinow/199934 2024-03-05 06:27:13+00:00| seen| https://t.me/ctinow/199947...
CVE-2024-20838
Samsung Internet prior to version 24.0.3.2 contains an improper validation vulnerability that could allow local attackers to execute arbitrary code. Affected: Samsung Internet on supported Samsung devices (pre-24.0.3.2). Root cause: improper validation in the browser component. Impact: local code...
CVE-2023-20838
creationtimestamp| type| source ---|---|--- 2023-09-04 07:16:06+00:00| seen| https://t.me/cibsecurity/69720...
CVE-2023-20838
In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418...
CVE-2023-20838
CVE-2023-20838 concerns the imgsys component. Multiple connected sources confirm a race-condition–driven out-of-bounds read that can leak local information and, in some scenarios, enable system-level execution with user interaction required for exploitation. Affected references consistently descr...
SUSE CVE-2019-20838
libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454...
CVE-2022-20838
Cisco Firepower Management Center (FMC) web UI contains stored XSS vulnerabilities due to insufficient input validation. An authenticated, remote attacker could inject crafted input into UI fields to execute arbitrary script in the FMC interface context or access browser-based information, with p...
Ubuntu: Security Advisory (USN-5425-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...