81 matches found
SUSE SLES12: libvirt / libvirt-admin / libvirt-client / libvirt-daemon / etc (SUSE-SU-2022:0032-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0032-1 advisory. - CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults. bsc1194041 - CVE-2021-3975: Add missing lock in...
SUSE: Security Advisory (SUSE-SU-2022:0032-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2022:0031-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:0032-1 Security update for libvirt
This update for libvirt fixes the following issues: - CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults. bsc1194041 - CVE-2021-3975: Add missing lock in qemuProcessHandleMonitorEOF. bsc1192876...
SUSE-SU-2022:0031-1 Security update for libvirt
This update for libvirt fixes the following issues: - CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults. bsc1194041 - CVE-2021-3975: Add missing lock in qemuProcessHandleMonitorEOF. bsc1192876...
SUSE SLES15: libvirt / libvirt-admin / libvirt-client / libvirt-daemon / etc (SUSE-SU-2022:0031-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0031-1 advisory. - CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults. bsc1194041 - CVE-2021-3975: Add missing lock in...
Mozilla Firefox Security Advisory (MFSA2012-68) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
CVE-2020-3975
CVE-2020-3975 describes a Stored XSS issue in VMware App Volumes for 2.x (pre-2.18.6) and 4.x (pre-2006). The root cause is inadequate input validation when creating/editing applications or storage groups, enabling a malicious actor with those permissions to inject script executed in a victim’s b...
VMware App Volumes patches address Stored Cross-Site Scripting (XSS) vulnerability (CVE-2020-3975)
3a. Advisory Details VMware App Volumes does not correctly validate user input when creating and editing applications or creating storage groups. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.5...
Advantech WebAccess SCADA Stack-based Buffer Overflow (CVE-2019-3975; CVE-2019-3951)
A stack-based buffer overflow vulnerability exists in the webvrpcs service of Advantech WebAccess. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2019-3975
Advantech WebAccess/SCADA 8.4.1 is affected by CVE-2019-3975 due to a stack-based buffer overflow in the webvprcs/IOCTL 70603 RPC handling, enabling a remote, unauthenticated attacker to execute arbitrary code. This is confirmed across multiple sources (Red Hat advisory, CNVD, NVD entry) with imp...
Ubuntu: Security Advisory (USN-3975-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2017-3975
CVE-2017-3975 is rejected/not used; this entry does not represent an active vulnerability.
Debian DSA-3975-1 : emacs25 - security update
Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code execution when rendering text/enriched MIME data e.g. when using Emacs-based mail clients. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
CVE-2015-3975
...
CVE-2015-3975
CVE-2015-3975 is rejected; this CVE ID is not an active vulnerability entry.
SAP NetWeaver AS JAVA 7.5 Cross Site Scripting
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bug: XSS Sent: 20.10.2015 Reported: 21.10.2015 Vendor response: 21.10.2015 Date of Public Advisory: 08.03.2016 Reference: SAP Security Note 2238375 Author: Vahagn Vardanyan ERPScan...
CVE-2016-3975
SAP NetWeaver AS Java 7.1–7.5 is affected by a cross-site scripting (XSS) vulnerability (CVE-2016-3975) that can be exploited remotely via the NavigationURLTester endpoint to inject arbitrary script/HTML. Affected component is the SAP NetWeaver AS Java application server; root cause relates to th...
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:1064-1)
Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update bnc777588 - MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards - MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-20 12-1975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/ CVE-2012-3959...
openSUSE Security Update : MozillaFirefox (openSUSE-SU-2012:1065-1)
Mozilla Firefox, Thunderbird, xulrunner, seamonkey 15.0 update bnc777588 - MFSA 2012-57/CVE-2012-1970 Miscellaneous memory safety hazards - MFSA 2012-58/CVE-2012-1972/CVE-2012-1973/CVE-2012-1974/CVE-20 12-1975 CVE-2012-1976/CVE-2012-3956/CVE-2012-3957/CVE-2012-3958/ CVE-2012-3959...