MiracleLinux 4 : mariadb55-mariadb-5.5.50-1.AXS4 (AXSA:2016-616:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-616:03 advisory. MariaDB is a community developed branch of MySQL. MariaDB is a multi-user, multi-threaded SQL database server. It is a client/server implementation...

EUVD-2019-11889

Malware in sbrugna...

EUVD-2017-7263

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2017-12474

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The AP4AtomSampleTable::GetSample function in Core/Ap4AtomSampleTable.cpp in Bento4 mp42ts before 1.5.0-616 allows remote attackers to cause a denial of service...

CVE-2020-6204

The selection query in SAP Treasury and Risk Management Transaction Management EA-FINSERV?versions 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104 returns more records than it should be when selecting and displaying the contract number, leading to Missing...

CVE-2018-13901

Due to missing permissions in Android Manifest file, Sensitive information disclosure issue can happen in PCI RCS app in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables ...

EulerOS 2.0 SP11 : vim (EulerOS-SA-2024-2570)

According to the versions of the vim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Vim is an open source command line text editor. double-free in dialogchanged in Vim v9.1.0648. When abandoning a buffer, Vim may ask the user what to...

Vim double free in src/alloc.c:616

...

CVE-2024-41957 Vim double free in src/alloc.c:616

Vim is an open source command line text editor. Vim v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack data will be cleared and freed. However a bit later, the quickfix list belonging to that window will also be cleared and if that quickfix list points...

Amazon Linux 2023 : python3, python3-devel, python3-idle (ALAS2023-2024-616)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-616 advisory. An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference...

CVE-2023-32112 Missing Authorization Check in Vendor Master Hierarchy

Vendor Master Hierarchy - versions SAPAPPL 500, SAPAPPL 600, SAPAPPL 602, SAPAPPL 603, SAPAPPL 604, SAPAPPL 605, SAPAPPL 606, SAPAPPL 616, SAPAPPL 617, SAPAPPL 618, S4CORE 100, does not perform necessary authorization checks for an authenticated user to access some of its function. This could lea...

Debian: Security Advisory (DLA-616-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SAP Enterprise Financial Services 安全漏洞

SAP Enterprise Financial Services is a set of enterprise financial services solutions from SAP. A security vulnerability exists in SAP Enterprise Financial Services versions 101, 102, 103, 104, 105, 600, 603, 604, 605, 606, 616, 617, 618, and 800, which arises from a program that does not perform...

CVE-2019-12183

Incorrect Access Control in Safescan Timemoto TM-616 and TA-8000 series allows remote attackers to read any file via the administrative API...

CVE-2019-12183

CVE-2019-12183 affects Safescan Timemoto TM-616 and TA-8000 series. Description: Incorrect Access Control in the administrative API can let remote attackers read arbitrary files. Root cause: improper access controls in the admin API; impacts are partial confidentiality loss (read access) with net...

CVE-2019-2332

Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607,...

CVE-2019-10512

Payload size is not checked before using it as array index in audio in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in...

CVE-2019-10529

Possible use after free issue due to race condition while attempting to mark the entry pages as dirty using function setpagedirty in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

Code injection

Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150...

CVE-2019-2324

When ADSP is compromised, the audio port index thats returned from ADSP might be out of the valid range and leads to out of boundary access in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music,...