55 matches found
Qualys TRU Discovers Important Vulnerabilities in GNU C Library’s syslog()
The Qualys Threat Research Unit TRU has recently unearthed four significant vulnerabilities in the GNU C Library, a cornerstone for countless applications in the Linux environment. Before diving into the specific details of the vulnerabilities discovered by the Qualys Threat Research Unit in the...
Debian dsa-5611 : glibc-doc - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5611 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5611-1...
AlmaLinux 9 : .NET 7.0 (ALSA-2023:6246)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:6246 advisory. - .NET Core and Visual Studio Denial of Service Vulnerability CVE-2023-36799 Note that Nessus has not tested for this issue but has instead relied only on the...
USN-6178-1 Several security issues were fixed in SVG++ library
It was discovered that in SVG++ library that the demo application incorrectly managed memory resulting in a memory access violation under certain circumstances. An attacker could possibly use this issue to leak memory information or run a denial of service attack. This issue only affected Ubuntu...
Ubuntu 18.04 ESM / 22.04 LTS : SVG++ library vulnerabilities (USN-6178-1)
The remote Ubuntu 18.04 ESM / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6178-1 advisory. It was discovered that in SVG++ library that the demo application incorrectly managed memory resulting in a memory access violation under...
SUSE CVE-2015-6246
The dissectwapayload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service application crash via a crafted packet...
CVE-2020-6246
CVE-2020-6246 affects SAP NetWeaver AS ABAP Business Server Pages SBSPEXT_TABLE (versions 700–754). It is a reflected XSS due to insufficient encoding of user-controlled inputs in SBSPEXT_TABLE, as documented by SAP/Red Hat and NVD references. Impacts: low confidentiality and integrity (per CVSS ...
CVE-2019-6246
An issue was discovered in SVG++ aka svgpp 1.2.3. After calling the gil::getcolor function in Generic Image Library in Boost, the return code is used as an address, leading to an Access Violation because of an out-of-bounds read...
CVE-2019-6246
The CVE-2019-6246 entry concerns SVG++ (svgpp) 1.2.3. A bug occurs after calling gil::get_color in Boost.GIL, where the return code is used as an address, causing an out-of-bounds read and an access violation. The connected sources corroborate the same vulnerability description across multiple fe...
Security Bulletin: NVIDIA SHIELD TV – October 2018
NVIDIA has released a software security update for SHIELD TV. This update addresses issues that may lead to information disclosure or escalation of privileges. To protect your system, download and install this software update. Go to NVIDIA Product Security. Details This section summarizes the...
CVE-2018-6246
In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as moderate. Android:...
CVE-2018-6246
The CVE-2018-6246 issue affects NVIDIA Widevine Trustlet inside Widevine TA on Android prior to the 2018-05-05 patch level, where the software may read data past the end or before the beginning of the intended buffer, enabling Information Disclosure. The NVIDIA SHIELD TV bulletin lists this CVE u...
CVE-2012-6246
...
CVE-2012-6246
CVE-2012-6246 entry is rejected/not used and does not represent an active vulnerability entry.
CVE-2016-6246
OpenBSD 5.8/5.9: local users with kern.usermount privileges can cause a kernel panic (DoS) by mounting a tmpfs with a VNOVAL in the root node’s username, groupname, or device name. No remediation details are provided in the available documents.
wireshark security, bug fix, and enhancement update
1.10.14-7.0.1 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.10.14-7 - Rebase some tvbuff API from upstream to 1.10.14 - Fixes crash when tvblengthremaining is used - Related: CVE-2015-6244 1.10.14-6 - Security patch - Resolves: CVE-2015-3182 1.10.14-5 - Fix crash...
openSUSE Security Update : wireshark (openSUSE-2015-683)
wireshark was updated to version 1.12.8 to fix ten security issues. These security issues were fixed : - CVE-2015-6247: The dissectopenflowtablemodv5 function in epan/dissectors/packet-openflowv5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 did not validate a certain offset value...
Fedora 22 : wireshark-1.12.7-2.fc22 (2015-13945)
Enable libnl3 see rhbz1207386, rhbz1247566 - Remove airpcap switch doesn't have any effect on Linux - Backport patch no. 11 - Fixed building with F24+ Ver. 1.12.7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...
Debian DSA-3367-1 : wireshark - security update
Multiple vulnerabilities were discovered in the dissectors/parsers for ZigBee, GSM RLC/MAC, WaveAgent, ptvcursor, OpenFlow, WCCP and in internal functions which could result in denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
Fedora 23 : wireshark-1.12.7-2.fc23 (2015-13946)
Enable libnl3 see rhbz1207386, rhbz1247566 - Remove airpcap switch doesn't have any effect on Linux - Backport patch no. 11 - Fixed building with F24+ Ver. 1.12.7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...