CVE-2019-12323

The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS...

HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write Vulnerability

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HC10-HC.SERVER-10.14-REMOTE-INVALID-POINTER-WRITE.txt + ISR: ApparitionSec Vendor www.hostingcontroller.com Product HC10 HC.Server Service 10.14 HC10 is a unified hosting...

HC10 HC.Server Service 10.14 Remote Invalid Pointer Write

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HC10-HC.SERVER-10.14-REMOTE-INVALID-POINTER-WRITE.txt + ISR: ApparitionSec Vendor www.hostingcontroller.com Product HC10 HC.Server Service 10.14 HC10 is a unified hosting...

HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write

HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HC10-HC.SERVER-10.14-REMOTE-INVALID-POINTER-WRITE.txt + ISR: ApparitionSec Vendor www.hostingcontroller.com Produ...

HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HC10-HC.SERVER-10.14-REMOTE-INVALID-POINTER-WRITE.txt + ISR: ApparitionSec Vendor www.hostingcontroller.com Product HC10 HC.Server Service 10.14 HC10 is a unified hosting...

libvirt security update

CentOS Errata and Security Advisory CESA-2019:1264 An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Important: Red Hat Security Advisory: libvirt security and bug fix update

An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1519)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function...

FreeBSD : GnuTLS -- double free, invalid pointer access (fb30db8f-62af-11e9-b0de-001cc0382b2f)

The GnuTLS project reports : - Tavis Ormandy from Google Project Zero found a memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected. - It was found using the TLS...

[ASA-201904-2] gnutls: multiple issues

Arch Linux Security Advisory ASA-201904-2 ========================================= Severity: Critical Date : 2019-04-05 CVE-ID : CVE-2019-3829 CVE-2019-3836 Package : gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-945 Summary ======= The package gnutls befor...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4532)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4532 advisory. - ext4: validate that metadata blocks do not overlap superblock Theodore Ts'o Orabug: 28220451 CVE-2018-1094 - ext4: always initialize the crc32c...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2019-4533)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4533 advisory. - ext4: validate that metadata blocks do not overlap superblock Theodore Ts'o Orabug: 28220576 CVE-2018-1094 Tenable has extracted the preceding...

PHP 5.6.x < 5.6.31 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.31. It is, therefore, affected by the following vulnerabilities : - An out-of-bounds read error exists in the PCRE library in the compilebracketmatchingpath function within file pcrejitcompile.c. An...

CVE-2018-19876

cairo 1.16.0, in cairoftapplyvariations in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free: invalid pointer" error...

Memory corruption

cairo 1.16.0, in cairoftapplyvariations in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free: invalid pointer" error...

CVE-2018-19876

cairo 1.16.0, in cairoftapplyvariations in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free: invalid pointer" error...

CVE-2018-19876

cairo 1.16.0, in cairoftapplyvariations in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free: invalid pointer" error...

RHEL 7 : kernel (RHSA-2018:3083)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3083 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A flaw named FragmentSmack was found i...

MGASA-2018-0413 Updated busybox packages fix security vulnerability

Unziping a specially crafted zip file results in a computation of an invalid pointer and a crash reading an invalid address CVE-2015-9261...

SUSE-SU-2018:2980-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-14617: Prevent NULL pointer dereference and panic in hfspluslookup when opening a file that is purportedly a hard link in an hfs+ filesystem that has...