136 matches found
Oracle Linux 7 : gzip (ELSA-2022-2191)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2022-2191 advisory. 1.5-11 - fix an arbitrary-file-write vulnerability in zgrep Resolves: CVE-2022-1271 Tenable has extracted the preceding description block directly from the Orac...
Mageia: Security Advisory (MGASA-2015-0117)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for cifs-utils (EulerOS-SA-2021-2191)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:2191-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 8 : tcpdump (RHSA-2021:2191)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2191 advisory. The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet...
CVE-2021-2191
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Actions. Supported versions that are affected are 5.5.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access...
CVE-2021-2191
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware component: Analytics Actions. Supported versions that are affected are 5.5.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access...
CVE-2021-2191
CVE-2021-2191 affects Oracle Business Intelligence Enterprise Edition (OBIEE) Analytics Actions. Affected versions: 5.5.0.0.0, 12.2.1.3.0, 12.2.1.4.0. The vulnerability allows a low-privileged, network-accessible attacker (HTTP) to potentially read and modify OBIEE data after user interaction. CV...
Security Bulletin: Multiple vulnerabilities in Rational Directory Server (CVE-2012-2203, CVE-2012-2191)
Summary Notice of security vulnerabilities which impacts IBM Rational Directory Server 5.2.x Tivoli variant only along with instructions to resolve the issues. Vulnerability Details | Subscribe to My Notifications to be notified of important product support alerts like this. Follow this link for...
CVE-2020-2191
Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels...
CVE-2020-2191
CVE-2020-2191 concerns Jenkins Self-Organizing Swarm Plug-in Modules Plugin (3.20 and earlier). The root issue is missing permission checks on API endpoints that add or remove agent labels, allowing users with limited rights to perform label modifications. The vulnerability’s documented impact is...
CVE-2020-2191
Jenkins Self-Organizing Swarm Plug-in Modules Plugin 3.20 and earlier does not check permissions on API endpoints that allow adding and removing agent labels...
Amazon Linux 2 : optipng (ALAS-2019-1313)
The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory write and crash via a series of delta escapes in a crafted BMP image.CVE-2016-2191 C Tenable Network Security, Inc. The descriptive text and package checks i...
Medium: optipng
Issue Overview: The bmpreadrows function in pngxtern/pngxrbmp.c in OptiPNG before 0.7.6 allows remote attackers to cause a denial of service invalid memory write and crash via a series of delta escapes in a crafted BMP image.CVE-2016-2191 Affected Packages: optipng Note: This advisory is applicab...
CVE-2019-2191
CVE-2019-2191 affects LG’s LAF component, exposing information from a protected disk partition due to a missing bounds check. This permits local information disclosure via USB with no user interaction; exploitation requires user privileges and is possible without user action. The related Red Hat/...
Stack-Based Buffer Overflow
Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or...
Denial Of Service (DoS)
Wireshark, previously known as Ethereal, is a network protocol analyzer, which is used to capture and browse the traffic running on a computer network. Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or...
CVE-2018-2191
...
CVE-2018-2191
CVE-2018-2191 is rejected; this candidate is not an active vulnerability entry.
JVN#51274854: Multiple software for Sharp IC Card Reader/Writer Devices may insecurely load Dynamic Link Libraries
The tool to verify execution environment and the driver installer for IC Card Reader/Writer devices provided by Sharp Corporation contain an issue with the DLL search path, which may lead to insecurely load Dynamic Link Libraries CWE-427. Impact Arbitrary code may be executed with the privilege o...