183 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-26713
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A stack-based buffer overflow in res_rtp_asterisk.c in Sangoma Asterisk before 16.16.1, 17.x before 17.9.2, and 18.x before 18.2.1 and Certified Asterisk before...
CVE-2023-2621
The McFeeder server, distributed as part of the SSW package, is susceptible to an arbitrary file write vulnerability on the MAIN computer system. This vulnerability stems from the use of an outdated version of a third-party library, which is used to extract archives uploaded to the McFeeder server. An...
CVE-2022-36999
An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 and related NetBackup products. Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBack...
DEBIAN-CVE-2019-16536
Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3...
CVE-2019-16536
Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3...
CVE-2019-16536 Stack overflow leading to DoS can be triggered by a malicious authenticated client.
Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3...
ClickHouse Security Vulnerability
ClickHouse is an open source database from ClickHouse, one of the fastest and most resource-efficient open source databases for real-time applications and analytics. A security vulnerability exists in ClickHouse versions prior to 19.14.3.3 that originates from a malicious authenticated client that could trigger ...
CVE-2024-0400
SCM Software is a client and server application. An authenticated System Manager client can execute a LINQ query in the SCM server, for customized filtering. An authenticated malicious client can send specially crafted code to skip the validation and execute arbitrary code (RCE) on the SCM Server...
MonicaHQ Security Vulnerability
MonicaHQ is a relationship management system from MonicaHQ, Inc. A security vulnerability exists in MonicaHQ version v4.1.1 that originates from an entry text field containing authenticated client-side injection...
CVE-2024-55656 RedisBloom Integer Overflow Remote Code Execution Vulnerability
RedisBloom adds a set of probabilistic data structures to Redis. There is an integer overflow vulnerability in RedisBloom, which is a module used in Redis. The integer overflow vulnerability allows an attacker (a Redis client which knows the password) to allocate memory in the heap lesser than the...
AXIS Camera Station Pro Security Vulnerability
AXIS Camera Station Pro is a powerful and flexible video management and access control from Axis Sweden. A security vulnerability exists in AXIS Camera Station Pro versions prior to 6.5, which originates from an authenticated malicious client that can tamper with audit log creation or perform a...
MGASA-2024-0387 Updated qemu packages fix security vulnerabilities
A flaw was found in the QEMU implementation of VMware's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of...
K000148495: libssh vulnerability CVE-2023-1667
Security Advisory Description: A NULL pointer dereference was found in libssh during re-keying with algorithm guessing. This issue may allow an authenticated client to cause a denial of service. CVE-2023-1667. Impact: This vulnerability may allow an authenticated client to cause a denial-of-service...
USN-6860-1: OpenVPN vulnerabilities
Reynir Björnsson discovered that OpenVPN incorrectly handled terminating client connections. A remote authenticated client could possibly use this issue to keep the connection active, bypassing certain security policies. This issue only affected Ubuntu 23.10, and Ubuntu 24.04 LTS. CVE-2024-28882...
Malicious code in authenticated-client (RubyGems)
MAL-2024-6724 Malicious code in authenticated-client (RubyGems)
QEMU: VNC: NULL pointer dereference in qemu_clipboard_request()
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...
openvpn -- two security fixes
Gert Doering reports that OpenVPN 2.6.11 fixes two security bugs (three on Windows): CVE-2024-5594: control channel: refuse control channel messages with nonprintable characters in them. Security scope: a malicious openvpn peer can send garbage to openvpn log, or cause high CPU load. Reynir Björnss...
QEMU: VNC: NULL pointer dereference in qemu_clipboard_request()
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the chance to initialize the clipboard peer, leading to a NULL pointer dereference. This could allow a maliciou...
RHEL 9 : qemu-kvm (RHSA-2024:2135)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2135 advisory. Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide th...