64 matches found
Important: Red Hat Security Advisory: plexus-archiver security update
An update for plexus-archiver is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
tpm2-tss: Buffer Overlow in TSS2_RC_Decode
A flaw was found in tpm2-tss, which is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In affected versions, Tss2RCSetHandler and Tss2RCDecode index into the layerhandler with an 8-bit layer number, but the array only ha...
PT-2023-19413 · Jensen Of Scandinavia · Eagle 1200Ac
Name of the Vulnerable Software and Affected Versions: Jensen of Scandinavia Eagle 1200AC version 15.03.06.33 en Description: A stack overflow issue was discovered via the ssid 5g parameter at the "/goform/WifiBasicSet" API endpoint. Recommendations: For version 15.03.06.33 en, consider restricti...
SUSE CVE-2020-24455
Missing initialization of a variable in the TPM2 source may allow a privileged user to potentially enable an escalation of privilege via local access. This affects tpm2-tss before 3.0.1 and before 2.4.3...
SUSE CVE-2023-22745
tpm2-tss is an open source software implementation of the Trusted Computing Group TCG Trusted Platform Module TPM 2 Software Stack TSS2. In versions prior to 4.1.0-rc0, 4.0.1, and 3.2.2-rc1, Tss2RCSetHandler and Tss2RCDecode both index into layerhandler with an 8 bit layer number, but the array...
TCG TPM2 Software Stack: Information disclosure
Background TCG TPM2 Software Stack is a library to interface with trusted platform modules. Description TCG TPM2 Software Stack did not appropriately apply FAPI policies to protect data encrypted with the trusted platform module. Impact Data encrypted using TCG TPM2 Software Stack tpm2-tss may no...
[SECURITY] Fedora 34 Update: tpm2-tss-3.1.0-1.fc34
tpm2-tss is a software stack supporting Trusted Platform ModuleTPM 2.0 sy stem APIs. It sits between TPM driver and applications, providing TPM2.0 specifi ed APIs for applications to access TPM module through kernel TPM drivers...
Fedora: Security Advisory for tpm2-tss (FEDORA-2020-1d3fcce2a3)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Intel Patches High-Severity Flaw in Security Engine
Intel is warning of a high-severity flaw in the firmware of its converged security and management engine CSME, which if exploited could allow privilege escalation, denial of service and information disclosure. CSME powers Intel’s Active Management System hardware and firmware technology, used for...
Avaya Deskphone: Decade-Old Vulnerability Found in Phone's Firmware
ARCHIVED STORY Avaya Deskphone: Decade-Old Vulnerability Found in Phone’s Firmware By Philippe Laulheret · August 08, 2019 Avaya is the second largest VOIP solution provider source with an install base covering 90% of the Fortune 100 companies source, with products targeting a wide spectrum of...
CVE-2019-14663
Brandy 1.20.1 has a stack-based buffer overflow in fileioopenin in fileio.c via crafted BASIC source code...
Security Bulletin: API Connect V5 is impacted by information disclosure (CVE-2018-1991)
Summary IBM API Connect has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2018-1991 DESCRIPTION: IBM API Connect could could return sensitive information that could provide critical information as to the underlying software stack in CMC UI headers. CVSS Base Score: 2.7...
Security Bulletin: Security Vulnerabilities in Network Time Protocol Daemon affect Intel Manycore Platform Software Stack for use on Intel Xeon Phi 3120A, Intel Xeon Phi 5110P, Intel Xeon Phi 7120A, and Intel Xeon Phi 7120P PCI-Express add-in cards
Summary Security Vulnerabilities in Network Time Protocal Daemon affects the Intel Manycore Platform Software Stack for use on the Intel Xeon Phi PCI-Express add-in cards. Vulnerability Details Abstract Security Vulnerabilities in Network Time Protocal Daemon affects the Intel Manycore Platform...
Oracle Linux 7 : plexus-archiver (ELSA-2018-1836)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2018-1836 advisory. 0:2.4.2-5 - Fix arbitrary file write vulnerability - Resolves: CVE-2018-1002200 Tenable has extracted the preceding description block directly from the Oracle...
Important: Red Hat Security Advisory: rh-maven33-plexus-archiver and rh-maven35-plexus-archiver security update
An update for rh-maven33-plexus-archiver and rh-maven35-plexus-archiver is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...
Important: Red Hat Security Advisory: plexus-archiver security update
An update for plexus-archiver is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabilit...
Security update for testing the software stack (moderate)
This update contains a security update for testing the software stack...
openSUSE Security Update : testing the software stack (openSUSE-2018-428) (deprecated)
This update contains a security update for testing the software stack. It turns out this was not a real security advisory but a test. This plugin is deprecated. %NASLMINLEVEL 999999 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUS...
openSUSE Security Update : testing the software stack (openSUSE-2017-1227)
This update contains a security update for testing the software stack. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2017-1227. The text description of this plugin is C SUSE LLC...
Q&A: Web Application Security Scanning with Netsparker
Q&A with Huseyin Tufekcilerli, the lead developer of Netsparker Desktop web application security scanner More than 70% of all cyber breaches involve web applications, and almost 90% organizations believe their application security programs need to be improved. Web application security has risen t...