Linux Distros Unpatched Vulnerability : CVE-2024-33260

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Jerryscript commit cefd391 was discovered to contain a segmentation violation via the component parserparseclass at jerry-core/parser/js/js-parser-expr.c...

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2024-2901)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libcurl 7.32.0 < 8.9.1 DoS (CVE-2024-7264)

The version of libcurl installed on the remote host is between 7.32.0 and prior to 8.9.1. It is, therefore, affected by a denial of service DoS vulnerability. libcurl's ASN1 parser code has the GTime2str function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorre...

RHEL 7 : imagemagick (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ImageMagick: NULL pointer dereference in GetMagickProperty function in MagickCore/property.c CVE-2018-163...

FreeBSD : bro -- NULL pointer dereference and Signed integer overflow (f56669f5-d799-4ff5-9174-64a6d571c451)

Jon Siwek of Corelight reports : This is a security patch release to address potential Denial of Service vulnerabilities : - NULL pointer dereference in the RPC analysis code. RPC analyzers e.g. MOUNT or NFS are not enabled in the default configuration. - Signed integer overflow in BinPAC-generat...

Ming 'parseSWF_SHAPEWITHSTYLE' function memory leak vulnerability

Ming is a Flash SWF output library written in C for use in systems developed in PHP, Perl, and so on. A memory leak vulnerability exists in the 'parseSWFSHAPEWITHSTYLE' function in the util/parser.c file in Ming version 0.4.8. An attacker can exploit this vulnerability to cause a denial of servic...

SUSE SLED11 Security Update : compat-openssl097g (SUSE-SU-2016:0631-1) (DROWN)

This update for compat-openssl097g fixes the following issues : - CVE-2016-0800 aka the 'DROWN' attack bsc968046: OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA...

openSUSE Security Update : squid3 (openSUSE-SU-2011:1018-1)

This update of squid3 fixes a buffer overflow vulnerability in the Gopher reply parser code CVE-2011-3205. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update squid3-5094. The text description of...

Advisory: Adobe Flash Player and AIR AVM2 intf_count Integer Overflow Remote Code Execution &#40;CVE-2009-1869&#41;

Background: ========== ActionScript code is compiled into ActionScript Byte Code segments, loaded by AVM2 ActionScript Virtual Machine 2. These segments are described by the abcFile structure: abcFile u16 minorversion u16 majorversion cpoolinfo constantpool u30 methodcount methodinfo...