[SECURITY] Fedora 30 Update: libnbd-1.0.3-1.fc30

NBD =EF=BF=BD=EF=BF=BD=EF=BF=BD Network Block Device =EF=BF=BD=EF=BF=BD=EF =BF=BD is a protocol for accessing Block Devices hard disks and disk-like things over a Network. This is the NBD client library in userspace, a simple library for writing NBD clients. The key features are: Synchronous and...

Eclipse Paho Java client library input validation error vulnerability

Eclipse Paho Java client library is the Eclipse Foundation of a use of the Java language written in MQTT Message Queuing Telemetry Transport client library . An input validation error vulnerability exists in the Eclipse Paho Java client library version 1.2.0. The vulnerability originates from a...

[SECURITY] Fedora 30 Update: libnbd-1.0.2-1.fc30

NBD =EF=BF=BD=EF=BF=BD=EF=BF=BD Network Block Device =EF=BF=BD=EF=BF=BD=EF =BF=BD is a protocol for accessing Block Devices hard disks and disk-like things over a Network. This is the NBD client library in userspace, a simple library for writing NBD clients. The key features are: Synchronous and...

[SECURITY] Fedora 31 Update: libnbd-1.0.2-1.fc31

NBD =EF=BF=BD=EF=BF=BD=EF=BF=BD Network Block Device =EF=BF=BD=EF=BF=BD=EF =BF=BD is a protocol for accessing Block Devices hard disks and disk-like things over a Network. This is the NBD client library in userspace, a simple library for writing NBD clients. The key features are: Synchronous and...

Fedora Update for libnbd FEDORA-2019-8107ac4399

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

PT-2019-6428

Name of the Vulnerable Software and Affected Versions C AMQP client library aka rabbitmq-c versions 0.13.0 and earlier Description An issue was discovered in the C AMQP client library for RabbitMQ, where credentials can only be entered on the command line and are thus visible to local attackers b...

CVE-2019-11777

CVE-2019-11777 – confirmed in connected documents : The Eclipse Paho Java client library (v1.2.0) could bypass host name verification when connecting to an MQTT server over TLS, if a host name verifier is configured, allowing a server to impersonate another and feed the client library with incorr...

[SECURITY] Fedora 30 Update: mariadb-connector-c-3.1.3-1.fc30

The MariaDB Native Client library C driver is used to connect applications developed in C/C++ to MariaDB and MySQL databases...

NewStart CGSL CORE 5.04 / MAIN 5.04 : postgresql Vulnerability (NS-SA-2019-0036)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has postgresql packages installed that are affected by a vulnerability: - A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If...

DEBIAN-CVE-2019-13115

In libssh2 before 1.9.0, kexmethoddiffiehellmangroupexchangesha256keyexchange in kex.c has an integer overflow that could lead to an out-of-bounds read in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to disclose sensitive information or caus...

EulerOS Virtualization 3.0.1.0 : thrift (EulerOS-SA-2019-1458)

According to the versions of the thrift packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The Apache Thrift Node.js static web server in versions 0.9.2 through 0.11.0 have been determined to contain a security...

Denial Of Service (DoS)

The X11 Xorg libraries provide library routines that are used within all X Window applications. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way various X11 client libraries handled certain protocol data. An attacker able to submit invalid protocol da...

[SECURITY] Fedora 28 Update: libX11-1.6.7-1.fc28

Core X11 protocol client library...

CVE-2019-6534

The CVE-2019-6534 vulnerability affects Gemalto Sentinel UltraPro Client Library ux32w.dll, versions 1.3.0–1.3.2, where an uncontrolled search path element (CWE-427) can allow an attacker to load and execute a malicious file. Affected products include Sentinel UltraPro Client Library ux32w.dll; e...

PT-2019-18146 · Gemalto · Gemalto Sentinel Ultrapro Client Library

Name of the Vulnerable Software and Affected Versions: Gemalto Sentinel UltraPro Client Library versions 1.3.0 through 1.3.2 Description: The issue is related to an uncontrolled search path element in the ux32w.dll library, which allows an attacker to load and execute a malicious file...

Gemalto Sentinel UltraPro 32bit Client Library Detection (Windows SMB Login)

SMB login-based detection of the Gemalto Sentinel UltraPro 32bit Client Library. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the XListExtensions function in the client-side API library for the X Window System libX11 allows a attacker to cause a service failure.

The vulnerability of the XListExtensions function ListExt.c in the client API library for the X Window System libX11 is related to an “unit not counted” error. Exploiting this vulnerability allows a remote attacker to cause a service failure through a specially crafted server response...

CVE-2018-1320

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

CVE-2018-1320

Apache Thrift Java client library versions 0.5.0 through 0.11.0 can bypass SASL negotiation isComplete validation in the org.apache.thrift.transport.TSaslTransport class. An assert used to determine if the SASL handshake had successfully completed could be disabled in production settings making t...

CVE-2018-1320

CVE-2018-1320 affects Apache Thrift: Java client library versions 0.5.0–0.11.0. The issue stems from an assert in TSaslTransport.isComplete that validates SASL handshakes; disabling this check can leave SASL negotiation validation incomplete, enabling a security bypass. Multiple connected sources...