176 matches found
XenServer and Citrix Hypervisor Security Update for CVE-2023-46842, CVE-2024-2201 and CVE-2024-31142
Description of Problem Two issues have been identified that affect XenServer and Citrix Hypervisor; each issue may allow malicious unprivileged code in a guest VM to infer the contents of memory belonging to its own or other VMs on the same host. These issues have the following identifiers:...
ROS-20240402-21
Vulnerability of the OpenSC smart card software toolkit and libraries is related to a memory vulnerability during card registration using pkcs15-init. memory vulnerabilities during card registration using pkcs15-init. Exploitation of the vulnerability could allow an attacker to affect the...
ROS-2-1502
2.1502 Multiple vulnerabilities in libwebp 1. Vulnerability description: CVE-2020-36332 A vulnerability in the libwebp library for encoding and decoding WebP images, is related to improper control of internal resource consumption. Exploitation of the vulnerability could allow an attacker acting...
EulerOS 2.0 SP8 : binutils (EulerOS-SA-2024-1257)
According to the versions of the binutils packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Heap-based Buffer Overflow in function bfdgetl32 in Binutils objdump 3.37. CVE-2021-46174 - GNU Binutils before 2.40 was discovered to contain...
About the security content of macOS Ventura 13.6.5
About the security content of macOS Ventura 13.6.5 This document describes the security content of macOS Ventura 13.6.5. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or...
openSUSE: Security Advisory for xorg (SUSE-SU-2023:4791-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
OPENSUSE-SU-2024:0021-1 Security update for perl-Spreadsheet-ParseXLSX
This update for perl-Spreadsheet-ParseXLSX fixes the following issues: Updated to 0.29: see /usr/share/doc/packages/perl-Spreadsheet-ParseXLSX/Changes 0.29: - Fix for 'Argument '' isn't numeric in addition + at /usr/local/shar… - Incorrect cell values due to phonetic data doy72 - Fix die message ...
MGASA-2024-0009 Updated x11-server and tigervnc packages fix security vulnerabilities
The updated packages fix security vulnerabilities: A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in...
xorg security update
CentOS Errata and Security Advisory CESA-2024:0009 An update for xorg-x11-server is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...
CentOS 8 : opensc (CESA-2023:7876)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:7876 advisory. - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographi...
PT-2023-27032 · Undefined · Undefined
on to the next stage, the purpose of which was access to the iOS kernel. The kernel was manipulated using vulnerabilities CVE-2023-42434 and CVE-2023-39606. The operation of the first one opened read and write access to the entire physical memory of the device, the use of the...
Fedora 38 : opensc (2023-c7e4c9af51)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-c7e4c9af51 advisory. New upstream release 2240701 with security fixes for CVE-2023-40660, CVE-2023-4535, CVE-2023-40661 Tenable has extracted the preceding description...
AlmaLinux 9 : opensc (ALSA-2023:7879)
The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:7879 advisory. - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic...
Fedora 39 : opensc (2023-a854153d7a)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-a854153d7a advisory. New upstream release 2240701 with security fixes for CVE-2023-40660, CVE-2023-4535, CVE-2023-40661 Tenable has extracted the preceding description...
AlmaLinux 8 : opensc (ALSA-2023:7876)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:7876 advisory. - A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic...
OpenSC: multiple memory issues with pkcs15-init (enrollment tool)
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...
OpenSC: multiple memory issues with pkcs15-init (enrollment tool)
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a...
Oracle Linux 9 : opensc (ELSA-2023-7879)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-7879 advisory. - Fix CVE-2023-40660: Potential PIN bypass - Fix CVE-2023-40661: Dynamic analyzers reports in pkcs15init - Fix CVE-2023-4535: Out-of-bounds read in MyE...
RHEL 9 : opensc (RHSA-2023:7879)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7879 advisory. The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic...
RHEL 8 : opensc (RHSA-2023:7876)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:7876 advisory. The OpenSC set of libraries and utilities provides support for working with smart cards. OpenSC focuses on cards that support cryptographic...