92 matches found
Debian DLA-2131-2 : rrdtool regression update
It was discovered that there was a regression in a previous fix, which resulted in the following error : ERROR: cannot compile regular expression: Error while compiling regular expression ^?:^%+|%%%+- 0?0-9.0-9+?leEfF%s?:^%+|%%$ at char 18: range out of order in character class ^?:^%+|%%%+-...
CVE-2020-2131
Jenkins Harvest SCM Plugin 0.5.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system...
CVE-2020-2131
The CVE-2020-2131 issue affects Jenkins Harvest SCM Plugin versions 0.5.1 and earlier, where passwords are stored unencrypted in the job config.xml on the Jenkins master. This enables exposure to users with Extended Read permission or anyone with master filesystem access. The connected advisories...
Format string
Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted third argument to the rrdtool.graph function, aka ZEN-15415...
CVE-2014-6262
Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted third argument to the rrdtool.graph function, aka ZEN-15415...
CVE-2019-2131
CVE-2019-2131 affects Android devices where an application with overlay permission can display overlays on top of the Settings UI, potentially enabling local elevation of privilege. The issue is tied to the overlay permission mechanism on versions including Android 7.0–9.x (Android-7.0, 7.1.1, 7....
CVE-2018-2131
CVE-2018-2131 is rejected/not used per the description; this entry does not represent an active vulnerability.
CVE-2018-2131
...
openSUSE Security Update : rrdtool (openSUSE-2018-175)
This update for rrdtool fixes the following issues : - CVE-2013-2131: Added check to the imginfo format to prevent crash or exploit boo828003 - Fixed an infinite loop and crashing with pango boo1080251 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...
CVE-2017-2131
CVE-2017-2131 affects Panasonic KX-HJB1000 Home unit devices with firmware GHX1YG 14.50 or HJB1000_4.47. The vulnerability is an authentication bypass that allows a user to bypass access restrictions and view the configuration menu via unspecified vectors. This is a network-remote-style issue wit...
CVE-2016-2131
CVE-2016-2131 is rejected/not used and does not represent an active vulnerability entry.
CVE-2015-2131
CVE-2015-2131 is rejected; this entry does not represent an active vulnerability.
CVE-2016-2131
...
SUSE SLED12 / SLES12 Security Update : rrdtool (SUSE-SU-2017:0103-1)
This update for rrdtool provides the following fixes : - CVE-2013-2131: Enhance imginfo format validation checks to prevent crashes. bsc828003 - Add rrdtool-cached sub-package to SLE 12-SP1. bsc967671 Note that Tenable Network Security has extracted the preceding description block directly from t...
Oracle Linux 7 : openldap (ELSA-2015-2131)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-2131 advisory. 2.4.40-8 - NSS does not support string ordering 1231522 - implement and correct order of parsing attributes 1231522 - add multimask and multistrength to correct...
Oracle: Security Advisory (ELSA-2015-2131)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SOL17454 - OpenSSL vulnerabilities CVE-2005-2946, CVE-2008-0891, and CVE-2012-2131
Vulnerability Recommended Actions None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5...
CVE-2013-2131
CVE-2013-2131 affects the Python rrdtool module (1.4.7) as used in Zenoss, with a format-string flaw in rrdtool.graph that can cause a denial of service (crash) when processing crafted format specifiers. Related disclosures note a broader class of format-string vulnerabilities in RRDtool used by ...
CVE-2013-2131
Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context-dependent attackers to cause a denial of service crash via format string specifiers to the rrdtool.graph function...
openSUSE Security Update : rrdtool (openSUSE-SU-2014:1646-1)
rrdtools was updated to add check to the imginfo format to prevent crash or code execution. bnc828003, CVE-2013-2131. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-778. The tex...