135 matches found
Ubuntu 14.04 LTS : PHP vulnerabilities (USN-3196-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3196-1 advisory. It was discovered that PHP incorrectly handled certain arguments to the localegetdisplayname function. A remote attacker could use this issue to cause PH...
CVE-2016-3196
creationtimestamp| type| source ---|---|--- 2016-08-24 12:17:22+00:00| seen| https://t.me/FullDisclosure/7...
CVE-2016-3196
CVE-2016-3196 is a stored XSS in Fortinet FortiAnalyzer and FortiManager where remote authenticated users can inject HTML/JS via an image filename uploaded in reports. Affected: FortiAnalyzer 5.x before 5.0.12 and 5.x in 5.2.x before 5.2.6; FortiManager 5.x before 5.0.12 and 5.x in 5.2.x before 5...
immobiliare.it XSS vulnerability
Vulnerable URL: http://www.immobiliare.it/ricerca.php?idCategoria=2=1=====IT======================4000====rilevanza=desc=0===================1=" Details: Description| Value ---|--- Patched:| Yes, at 27.07.2017 Latest check for patch:| 27.07.2017 22:59 GMT Vulnerability type:| XSS Vulnerability...
OracleVM 3.3 / 3.4 : openssl (OVMSA-2016-0049) (SLOTH)
The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2016-2105 - possible overflow in base64 encoding - fix CVE-2016-2106 - possible overflow in EVPEncryptUpdate - fix CVE-2016-2107 - padding oracle in stitched AES-NI CBC-MAC - fix CVE-2016-2108...
openssl security update
1.0.1e-51.4 - fix CVE-2016-0702 - side channel attack on modular exponentiation - fix CVE-2016-0705 - double-free in DSA private key parsing - fix CVE-2016-0797 - heap corruption in BNhex2bn and BNdec2bn 1.0.1e-51.3 - fix CVE-2015-3197 - SSLv2 ciphersuite enforcement - disable SSLv2 in the generi...
OracleVM 3.3 : openssl (OVMSA-2016-0001) (SLOTH)
The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-7575 - disallow use of MD5 in TLS1.2 - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - race...
openSUSE Security Update : openssl (openSUSE-2015-911)
This update for openssl fixes the following issues : Security fixes : - CVE-2015-3194: The signature verification routines will crash with a NULL pointer dereference if presented with an ASN.1 signature using the RSA PSS algorithm and absent mask generation function parameter. Since these routine...
openSUSE Security Update : OpenSSL (openSUSE-2015-908)
OpenSSL was updated to fix three security issues. The following vulnerabilities were fixed : - CVE-2015-3194: Certificate verify crash with missing PSS parameter bsc957815 - CVE-2015-3195: X509ATTRIBUTE memory leak bsc957812 - CVE-2015-3196: Race condition handling PSK identify hint bsc957813...
Security fix for the ALT Linux 8 package openssl10 version 1.0.1q-alt1
Dec. 17, 2015 Gleb Fotengauer-Malinovskiy 1.0.1q-alt1 - Updated to 1.0.1q CVE-2015-1788 CVE-2015-3196 CVE-2015-3195 CVE-2015-3194...
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.1q-alt1
Dec. 17, 2015 Gleb Fotengauer-Malinovskiy 1.0.1q-alt1 - Updated to 1.0.1q CVE-2015-1788 CVE-2015-3196 CVE-2015-3195 CVE-2015-3194...
Security fix for the ALT Linux 9 package openssl10 version 1.0.1q-alt1
Dec. 17, 2015 Gleb Fotengauer-Malinovskiy 1.0.1q-alt1 - Updated to 1.0.1q CVE-2015-1788 CVE-2015-3196 CVE-2015-3195 CVE-2015-3194...
[slackware-security] openssl
New openssl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: patches/packages/openssl-1.0.1q-x8664-1slack14.1.txz: Upgraded. This update fixes the following security issues: BNmodexp ma...
Amazon Linux: Security Advisory (ALAS-2015-614)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS Update for openssl CESA-2015:2617 centos7
Check the version of openssl SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882337";...
RedHat Update for openssl RHSA-2015:2617-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2015-2617)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OracleVM 3.3 : openssl (OVMSA-2015-0155)
The remote OracleVM system is missing necessary patches to address critical security updates : - fix CVE-2015-3194 - certificate verify crash with missing PSS parameter - fix CVE-2015-3195 - X509ATTRIBUTE memory leak - fix CVE-2015-3196 - race condition when handling PSK identity hint %NASLMINLEV...
CentOS 6 / 7 : openssl (CESA-2015:2617)
Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Moderate: Red Hat Security Advisory: openssl security update
Updated openssl packages that fix three security issues are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...