129 matches found
SUSE: Security Advisory (SUSE-SU-2021:2913-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2014:0682-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : Virtualbox (openSUSE-2020-925)
Virtualbox was updated to 6.0.22 released May 15 2020 by Oracle This is a maintenance release. The following items were fixed and/or added : Guest Additions: Build problems fix with Oracle Linux 8.2 Red Hat compatible kernel / Red Hat Enterprise Linux 8.2 / CentOS 8.2 bug 19391 Guest...
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Supplier Lifecycle Mgmt
Summary Oracle Database Server Publicly disclosed vulnerability affects IBM Emptoris Supplier Lifecycle Mgmt. Vulnerability Details CVEID: CVE-2019-2734 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to...
Security Bulletin: Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Sourcing
Summary Oracle Database Server Publicly disclosed vulnerability affects IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2019-2734 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Core RDBMS component could allow an authenticated attacker to cause no...
CVE-2020-2913
CVE-2020-2913 affects Oracle VM VirtualBox (Core). Vulnerable in VirtualBox versions prior to 6.0.20 and prior to 6.1.6. A low-privileged user with logon can compromise the VirtualBox instance, potentially leading to takeover. Mitigation: upgrade to VirtualBox 6.0.20 or 6.1.6 (or later) as per th...
Oracle Database Server Multiple Vulnerabilities (Oct 2019 CPU)
The remote Oracle Database Server is missing the October 2019 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - An unspecified vulnerability in the Java VM component of Oracle Database Server, which could allow an unauthenticated, remote attacker to manipulate...
CVE-2019-2913
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via OracleNet to compromise Core RDBMS. While th...
Oracle GoldenGate Manager Command Stack Buffer Overflow (CVE-2018-2913)
A stack-based buffer overflow exists in Oracle GoldenGate Manager. The vulnerability is due an input validation error when processing overly long command name. Successful exploitation could lead to arbitrary code execution...
com.orientechnologies:orientdb-community (=2.1.0), com.orientechnologies:orientdb-distributed (=2.1.0) +4 more potentially affected by CVE-2015-2913 via com.orientechnologies:orientdb-server (=2.1.0)
com.orientechnologies:orientdb-server MAVEN version =2.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on com.orientechnologies:orientdb-server and may be impacted: - com.orientechnologies:orientdb-community =2.1.0 -...
com.orientechnologies:orientdb (>=1.0 <=1.5.1), com.orientechnologies:orientdb-community (>=1.6.5 <=2.0.14) +17 more potentially affected by CVE-2015-2913 via com.orientechnologies:orientdb-server (>=1.0 <=2.0.14)
com.orientechnologies:orientdb-server MAVEN version =1.0, =1.0, =1.6.5, =1.1.0, =2.0, =1.1.0, =2.0, =1.7, =1.0, =0.1.17, =0.2.14 - org.ops4j.orient.samples:orient-sample1 =0.3.0 - org.ops4j.orient.samples:orient-sample2 =0.3.0 - org.ops4j.orient:orient-ra =0.3.0 - org.ops4j.orient:orient-ra-api...
Oracle Fixes 301 Flaws in October Critical Patch Update
Oracle has released a critical patch update addressing more than 300 vulnerabilities across several of its products – including one flaw with a CVSS 3.0 score of 10 that could allow the takeover of the company’s software package, Oracle GoldenGate. Of the 301 security flaws that were fixed in thi...
CVE-2018-2913
CVE-2018-2913 affects Oracle GoldenGate’s Monitoring Manager. A stack-based buffer overflow vulnerability exists in the GoldenGate Manager that can be triggered by sending an overly long GGSCI command over TCP, allowing a remote, unauthenticated attacker to potentially take over GoldenGate. Affec...
Security Bulletin: A vulnerability in NRPE affects PowerKVM (CVE-2014-2913)
Summary PowerKVM is affected by a vulnerability in the Nagios Remote Plugin Executor NRPE. IBM has now addressed this vulnerability. Vulnerability Details CVEID: CVE-2014-2913 DESCRIPTION: Nagios Remote Plugin Executor NRPE could allow a remote attacker to execute arbitrary code on the system,...
[ASA-201801-14] nrpe: arbitrary command execution
Arch Linux Security Advisory ASA-201801-14 ========================================== Severity: High Date : 2018-01-18 CVE-ID : CVE-2013-1362 CVE-2014-2913 Package : nrpe Type : arbitrary command execution Remote : Yes Link : https://security.archlinux.org/AVG-587 Summary ======= The package nrpe...
CVE-2017-2913
An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Bluecoat library to accept a different certificate than intended. An attacker can host an HTTPS server with this certificate to trigger this...
CVE-2017-2913
CVE-2017-2913 affects Circle with Disney and specifically the libbluecoat.so SSL validation path. The TALOS/NVD entries describe an exploitable MITM-style issue where SSL certificates for certain domain names can cause the Blue Coat library to accept a different certificate than intended, enablin...
CVE-2015-7848
An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to ...
Ubuntu: Security Advisory (USN-2913-3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 14.04 LTS : GnuTLS update (USN-2913-4)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2913-4 advisory. USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the GnuTLS package ...