Lucene search
K

55 matches found

Qualys Blog
Qualys Blog
added 2024/01/30 6:31 p.m.101 views

Qualys TRU Discovers Important Vulnerabilities in GNU C Library’s syslog()

The Qualys Threat Research Unit TRU has recently unearthed four significant vulnerabilities in the GNU C Library, a cornerstone for countless applications in the Linux environment. Before diving into the specific details of the vulnerabilities discovered by the Qualys Threat Research Unit in the...

5CVSS7.6AI score0.04794EPSS
Exploits10
Tenable Nessus
Tenable Nessus
added 2024/01/30 12:0 a.m.48 views

Debian dsa-5611 : glibc-doc - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5611 advisory. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5611-1...

8.4CVSS7.5AI score0.04794EPSS
Exploits9References8
Tenable Nessus
Tenable Nessus
added 2023/11/03 12:0 a.m.27 views

AlmaLinux 9 : .NET 7.0 (ALSA-2023:6246)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:6246 advisory. - .NET Core and Visual Studio Denial of Service Vulnerability CVE-2023-36799 Note that Nessus has not tested for this issue but has instead relied only on the...

6.5CVSS7.5AI score0.04661EPSS
Exploits0References2
OSV
OSV
added 2023/06/19 6:38 p.m.6 views

USN-6178-1 Several security issues were fixed in SVG++ library

It was discovered that in SVG++ library that the demo application incorrectly managed memory resulting in a memory access violation under certain circumstances. An attacker could possibly use this issue to leak memory information or run a denial of service attack. This issue only affected Ubuntu...

9.8CVSS7.4AI score0.01843EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2023/06/19 12:0 a.m.28 views

Ubuntu 18.04 ESM / 22.04 LTS : SVG++ library vulnerabilities (USN-6178-1)

The remote Ubuntu 18.04 ESM / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6178-1 advisory. It was discovered that in SVG++ library that the demo application incorrectly managed memory resulting in a memory access violation under...

9.8CVSS7.8AI score0.01843EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:15 a.m.5 views

SUSE CVE-2015-6246

The dissectwapayload function in epan/dissectors/packet-waveagent.c in the WaveAgent dissector in Wireshark 1.12.x before 1.12.7 mishandles large tag values, which allows remote attackers to cause a denial of service application crash via a crafted packet...

4.3CVSS6.8AI score0.02963EPSS
Exploits0References6
CVE
CVE
added 2020/06/10 12:34 p.m.44 views

CVE-2020-6246

CVE-2020-6246 affects SAP NetWeaver AS ABAP Business Server Pages SBSPEXT_TABLE (versions 700–754). It is a reflected XSS due to insufficient encoding of user-controlled inputs in SBSPEXT_TABLE, as documented by SAP/Red Hat and NVD references. Impacts: low confidentiality and integrity (per CVSS ...

6.1CVSS5.9AI score0.00654EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2019/01/13 12:0 a.m.21 views

CVE-2019-6246

An issue was discovered in SVG++ aka svgpp 1.2.3. After calling the gil::getcolor function in Generic Image Library in Boost, the return code is used as an address, leading to an Access Violation because of an out-of-bounds read...

9.8CVSS9.5AI score0.01843EPSS
Exploits1
CVE
CVE
added 2019/01/13 12:0 a.m.58 views

CVE-2019-6246

The CVE-2019-6246 entry concerns SVG++ (svgpp) 1.2.3. A bug occurs after calling gil::get_color in Boost.GIL, where the return code is used as an address, causing an out-of-bounds read and an access violation. The connected sources corroborate the same vulnerability description across multiple fe...

9.8CVSS6.6AI score0.01843EPSS
Exploits1References1Affected Software1
Nvidia
Nvidia
added 2018/10/16 12:0 a.m.38 views

Security Bulletin: NVIDIA SHIELD TV – October 2018

NVIDIA has released a software security update for SHIELD TV. This update addresses issues that may lead to information disclosure or escalation of privileges. To protect your system, download and install this software update. Go to NVIDIA Product Security. Details This section summarizes the...

7.8CVSS7.4AI score0.74041EPSS
Exploits9Affected Software1
OSV
OSV
added 2018/05/10 2:29 p.m.5 views

CVE-2018-6246

In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as moderate. Android:...

5.3CVSS7.1AI score0.00347EPSS
Exploits0References1
CVE
CVE
added 2018/05/10 2:0 p.m.39 views

CVE-2018-6246

The CVE-2018-6246 issue affects NVIDIA Widevine Trustlet inside Widevine TA on Android prior to the 2018-05-05 patch level, where the software may read data past the end or before the beginning of the intended buffer, enabling Information Disclosure. The NVIDIA SHIELD TV bulletin lists this CVE u...

5.3CVSS5.1AI score0.00347EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2017/05/11 2:1 p.m.11 views

CVE-2012-6246

...

Exploits0
CVE
CVE
added 2017/05/11 2:1 p.m.28 views

CVE-2012-6246

CVE-2012-6246 entry is rejected/not used and does not represent an active vulnerability entry.

6.6AI score
Exploits0
CVE
CVE
added 2017/03/07 4:0 p.m.57 views

CVE-2016-6246

OpenBSD 5.8/5.9: local users with kern.usermount privileges can cause a kernel panic (DoS) by mounting a tmpfs with a VNOVAL in the root node’s username, groupname, or device name. No remediation details are provided in the available documents.

4.9CVSS4.8AI score0.00434EPSS
Exploits1References5Affected Software1
Oracle linux
Oracle linux
added 2015/11/23 12:0 a.m.44 views

wireshark security, bug fix, and enhancement update

1.10.14-7.0.1 - Add oracle-ocfs2-network.patch to allow disassembly of OCFS2 interconnect 1.10.14-7 - Rebase some tvbuff API from upstream to 1.10.14 - Fixes crash when tvblengthremaining is used - Related: CVE-2015-6244 1.10.14-6 - Security patch - Resolves: CVE-2015-3182 1.10.14-5 - Fix crash...

7.8CVSS0.3AI score0.046EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/10/29 12:0 a.m.33 views

openSUSE Security Update : wireshark (openSUSE-2015-683)

wireshark was updated to version 1.12.8 to fix ten security issues. These security issues were fixed : - CVE-2015-6247: The dissectopenflowtablemodv5 function in epan/dissectors/packet-openflowv5.c in the OpenFlow dissector in Wireshark 1.12.x before 1.12.7 did not validate a certain offset value...

4.3CVSS6.1AI score0.03241EPSS
Exploits0References12
Tenable Nessus
Tenable Nessus
added 2015/10/08 12:0 a.m.42 views

Fedora 22 : wireshark-1.12.7-2.fc22 (2015-13945)

Enable libnl3 see rhbz1207386, rhbz1247566 - Remove airpcap switch doesn't have any effect on Linux - Backport patch no. 11 - Fixed building with F24+ Ver. 1.12.7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...

4.3CVSS6.1AI score0.03241EPSS
Exploits0References19
Tenable Nessus
Tenable Nessus
added 2015/09/28 12:0 a.m.31 views

Debian DSA-3367-1 : wireshark - security update

Multiple vulnerabilities were discovered in the dissectors/parsers for ZigBee, GSM RLC/MAC, WaveAgent, ptvcursor, OpenFlow, WCCP and in internal functions which could result in denial of service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

4.3CVSS6AI score0.03241EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2015/09/04 12:0 a.m.30 views

Fedora 23 : wireshark-1.12.7-2.fc23 (2015-13946)

Enable libnl3 see rhbz1207386, rhbz1247566 - Remove airpcap switch doesn't have any effect on Linux - Backport patch no. 11 - Fixed building with F24+ Ver. 1.12.7 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable...

4.3CVSS6.1AI score0.03241EPSS
Exploits0References19
Rows per page
Query Builder