136 matches found
PT-2023-3766 · Mitsubishi · Melsec Iq-F Series Ethernet/Ip Module Fx5-Enet/Ip +1
Name of the Vulnerable Software and Affected Versions: MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 affected versions not specified MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP affected versions not specified Description: The issue is related to an unrestricted upload of files with...
libssh 授权问题漏洞
libssh is a C development package from the libssh organization for accessing SSH services that can perform remote commands, file transfers, and also provide a secure transport channel for remote programs. A security vulnerability exists in libssh that stems from not properly performing...
TightVNC 安全漏洞
TightVNC is a cross-platform open source remote desktop software. A security vulnerability exists in versions prior to TightVNC v2.8.75 that stems from TightVNC running as an elevated privilege account on the backend. An attacker could exploit this vulnerability to elevate the privileges of the...
SUSE CVE-2009-1373
Buffer overflow in the XMPP SOCKS5 bytestream server in Pidgin formerly Gaim before 2.5.6 allows remote authenticated users to execute arbitrary code via vectors involving an outbound XMPP file transfer. NOTE: some of these details are obtained from third party information...
SUSE CVE-2012-2214
proxy.c in libpurple in Pidgin before 2.10.4 does not properly handle canceled SOCKS5 connection attempts, which allows user-assisted remote authenticated users to cause a denial of service application crash via a sequence of XMPP file-transfer requests...
curl: FTP-KRB bad message verification
A vulnerability was found in curl. This issue occurs because it mishandles message verification failures when curl does FTP transfers secured by krb5. This flaw makes it possible for a Man-in-the-middle attack to go unnoticed and allows data injection into the client...
ALPINE-CVE-2022-32208
When curl 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client...
IBM Sterling Secure Proxy缓冲区溢出漏洞
IBM Sterling Secure Proxy, an IBM application proxy for securing file transfers in an organization's unprotected zone DMZ, secures trusted zones with multi-factor authentication, SSL session interruption, inbound firewall vulnerability patching, protocol checking, and other controls.IBM Sterling...
AlmaLinux 8 : spice-vdagent (ALSA-2021:1791)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2021:1791 advisory. - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged local guest...
EulerOS 2.0 SP3 : spice-vdagent (EulerOS-SA-2021-2617)
According to the versions of the spice-vdagent package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged...
Huawei EulerOS: Security Advisory for spice-vdagent (EulerOS-SA-2021-2452)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : spice-vdagent (EulerOS-SA-2021-2452)
According to the versions of the spice-vdagent package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. Any unprivileged...
SUSE-SU-2021:3007-1 Security update for java-1_7_0-openjdk
This update for java-170-openjdk fixes the following issues: - Update to 2.6.27 - OpenJDK 7u311 July 2021 CPU Security fixes: - CVE-2021-2341: Improve file transfers bsc1188564 - CVE-2021-2369: Better jar file validation bsc1188565 - CVE-2021-2432: Provide better LDAP provider support bsc1188568 ...
libssh buffer overflow vulnerability (CNVD-2021-71262)
Libssh is a C development package from the Libssh organization for accessing SSH services, which can execute remote commands, file transfers, and provide a secure transport channel for remote programs. libssh is vulnerable to a buffer overflow vulnerability, which stems from the fact that libssh...
Security fix for the ALT Linux 10 package java-11-openjdk version 0:11.0.12.7-alt1_0jpp10
Aug. 25, 2021 Andrey Cherepanov 0:11.0.12.7-alt10jpp10 - new version - security fixes: + CVE-2021-2341: Improve file transfers + CVE-2021-2369: Better jar file validation + CVE-2021-2388: Enhance compiler validation + CVE-2021-2161: Less ambiguous processing + CVE-2021-2163: Enhance opening JARs ...
Security update for java-1_8_0-openjdk (important)
openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2021:1176-1 Rating: important References: 1185056 1188564 1188565 1188566 Cross-References: CVE-2021-2161 CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 CVSS scores: CVE-2021-2161 NVD : 5.9...
OPENSUSE-SU-2021:2798-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: - Update to version jdk8u302 icedtea 3.20.0 - CVE-2021-2341: Improve file transfers. bsc1188564 - CVE-2021-2369: Better jar file validation. bsc1188565 - CVE-2021-2388: Enhance compiler validation. bsc1188566 - CVE-2021-2161: Less...
SUSE-SU-2021:2797-1 Security update for java-1_8_0-openjdk
This update for java-180-openjdk fixes the following issues: - Update to version jdk8u302 icedtea 3.20.0 - CVE-2021-2341: Improve file transfers. bsc1188564 - CVE-2021-2369: Better jar file validation. bsc1188565 - CVE-2021-2388: Enhance compiler validation. bsc1188566 - CVE-2021-2161: Less...
Security update for java-1_8_0-openjdk (important)
openSUSE Security Update: Security update for java-180-openjdk Announcement ID: openSUSE-SU-2021:2798-1 Rating: important References: 1185056 1188564 1188565 1188566 Cross-References: CVE-2021-2161 CVE-2021-2341 CVE-2021-2369 CVE-2021-2388 CVSS scores: CVE-2021-2161 NVD : 5.9...
Huawei EulerOS: Security Advisory for spice-vdagent (EulerOS-SA-2021-2316)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...