828 matches found
SUSE-SU-2024:3306-1 Security update for clamav
This update for clamav fixes the following issues: - Update to version 0.103.12 - CVE-2024-20506: Disable symlink following to prevent an attacker from corrupting system files (bsc#1230162). - CVE-2024-20505: Fixed possible out-of-bounds read bug in the PDF file parser (bsc#1230161)...
SUSE-SU-2024:3305-1 Security update for clamav
This update for clamav fixes the following issues: - Update to version 0.103.12 - CVE-2024-20506: Disable symlink following to prevent an attacker from corrupting system files (bsc#1230162). - CVE-2024-20505: Fixed possible out-of-bounds read bug in the PDF file parser (bsc#1230161)...
SUSE SLES12 Security Update : clamav (SUSE-SU-2024:3228-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3228-1 advisory. - Update to version 0.103.12 - CVE-2024-20506: Disable symlink following to prevent an attacker from corrupting system files. bsc123016...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : wireshark (SUSE-SU-2024:3165-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3165-1 advisory. wireshark was updated from version 3.6.23 to version 4.2.6 (jsc#PED-8517): - Security issues fixed...
orc: Stack-based buffer overflow vulnerability in ORC
A stack-based buffer overflow vulnerability exists in orcparse.c of ORC. If a developer is tricked into processing a specially crafted file with the affected ORC compiler, arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI buil...
PT-2024-7266 · Gnome +5 · Libgsf +5
Name of the Vulnerable Software and Affected Versions: GNOME Project G Structured File Library libgsf version v1.14.52. Description: An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library libgsf. A specially crafte...
ROS-20240806-09
A vulnerability in the GStreamer multimedia framework is related to a stack buffer overflow. Exploitation of the vulnerability could allow a remote attacker to execute arbitrary code using specially crafted H265 encoded files...
ROS-20240731-03
A vulnerability in the MXF file parser of the GStreamer multimedia framework is related to an operation exceeding the boundaries of a buffer in memory. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...
ROS-20240603-01
A vulnerability in the PSP file parser of the GIMP graphics editor is related to number processing errors. Exploitation of the vulnerability could allow an attacker to execute arbitrary code...
AZL-42552 CVE-2023-6175 affecting package wireshark for versions less than 4.4.7-1
NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file...
UBUNTU-CVE-2023-6175
NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file...
CVE-2023-6175
NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file...
CVE-2023-6175 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') in Wireshark
NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file...
BIT-GITLAB-2021-22205
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution...
Fedora 38 : wireshark (2024-fdc7dfb959)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-fdc7dfb959 advisory. New version 4.0.12. Includes fixes for CVE-2023-5371, CVE-2023-6174, CVE-2023-6175, CVE-2024-0208. Tenable has extracted the preceding description...
Fedora 39 : wireshark (2024-b72131479b)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-b72131479b advisory. New version 4.0.12. Includes fixes for CVE-2023-5371, CVE-2023-6174, CVE-2023-6175, CVE-2024-0208. Tenable has extracted the preceding description...
CVE-2024-20290
A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an incorrect check for end-of-string values during scanning, which may result in a heap buffer...
Fedora: Security Advisory (FEDORA-2024-80e6578a01)
The remote host is missing an update for the...