MiracleLinux 8 : kernel-4.18.0-305.el8 (AXSA:2021-2148:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2148:12 advisory. kernel: Integer overflow in IntelR Graphics Drivers CVE-2020-12362 kernel: memory leak in sofsetgetlargectrldata function in sound/soc/sof/ipc.c...

MiracleLinux 8 : libsndfile-1.0.28-10.el8 (AXSA:2020-305:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-305:02 advisory. libsndfile: stack-based buffer overflow in sndfile-deinterleave utility CVE-2018-13139 libsndfile: buffer over-read in the function i2alawarray in...

MiracleLinux 3 : dbus-1.1.2-16.AXS3 (AXSA:2011-305:02)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-305:02 advisory. D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a per-user-login-session messagin...

EUVD-2017-4248

Malware in sbrugna...

PYSEC-2024-305

wasm3 139076a contains memory leaks in Readutf8...

CVE-2020-26310 GHSL-2020-305: Regular Expression Denial of Service (ReDoS) in Pure JavaScript HTML5 Parser

Validate.js provides a declarative way of validating javascript objects. All versions as of 30 November 2020 contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service ReDoS. As of time of publication, it is unknown if any patches are available...

OPENSUSE-SU-2024:10883-1 jsr-305-3.0.2-1.2 on GA media

These are all security issues fixed in the jsr-305-3.0.2-1.2 package on the GA media of openSUSE Tumbleweed...

CVE-2024-36388

MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function...

CVE-2024-36388 MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function

MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function...

CVE-2024-36388 MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function

MileSight DeviceHub - CWE-305 Missing Authentication for Critical Function...

Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455 Use of Hard-Coded Cryptographic Key (CVE-2016-5816)

A Use of Hard-Coded Cryptographic Key issue was discovered in MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The device utilizes hard-coded private cryptographic keys that may allow an attacker to decrypt traffic from any other source. This...

Westermo MRD-305-DIN, MRD-315, MRD-355, and MRD-455 Cross-Site Request Forgery (CVE-2017-12703)

A Cross-Site Request Forgery CSRF issue was discovered in Westermo MRD-305-DIN versions older than 1.7.5.0, and MRD-315, MRD-355, MRD-455 versions older than 1.7.5.0. The application does not verify whether a request was intentionally provided by the user, making it possible for an attacker to...

Fedora: Security Advisory for jsr-305 (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: jsr-305-3.0.2-15.fc40

This package contains reference implementations, test cases, and other documents for Java Specification Request 305: Annotations for Software Defect Detection...

openSUSE: Security Advisory for installation-images (SUSE-SU-2023:1831-1)

The remote host is missing an update for the installation-images packages announced via the SUSE-SU-2023:1831-1 advisory. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Amazon Linux 2023 : guava, guava-javadoc, guava-testlib (ALAS2023-2023-305)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-305 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks ...

maven bug fix and enhancement update

An update is available for plexus-interpolation, httpcomponents-core, maven-wagon, maven, google-guice, jsoup, jansi, apache-commons-io, apache-commons-lang3, maven-shared-utils, plexus-utils, plexus-classworlds, jakarta-annotations, httpcomponents-client, apache-commons-codec, plexus-cipher,...

305.cz Cross Site Scripting vulnerability OBB-3216951

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

new packages: jsr-305

An update is available for jsr-305. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky Enterprise...

openSUSE: Security Advisory for jsoup, (SUSE-SU-2022:1265-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...