curl: Fix of 2 CVEs

CVE-2019-5436: tftp: use the current blksize for recvfrom - CVE-2016-8615: cookie: replace use of fgets with custom version...

Siemens SIMATIC S7-1500 Out-of-bounds Write (CVE-2019-5482)

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504254;...

EUVD-2019-16405

Malware in sbrugna...

EUVD-2019-15060

Malicious code in bioql PyPI...

EUVD-2021-30025

Malicious code in bioql PyPI...

CVE-2019-6851

A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum all firmware versions, which could cause the disclosure of information from the controller when using TFTP protocol...

PT-2025-7409 · Hitachi Vantara · Hitachi Vantara Pentaho Business Analytics Server

Name of the Vulnerable Software and Affected Versions: Hitachi Vantara Pentaho Business Analytics Server versions prior to 10.2.0.0 Hitachi Vantara Pentaho Business Analytics Server versions prior to 9.3.0.9 Hitachi Vantara Pentaho Business Analytics Server version 8.3.x Description: The web serv...

Oracle Linux 8 : curl (ELSA-2020-1792)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-1792 advisory. - double free due to subsequent call of realloc CVE-2019-5481 - fix heap buffer overflow in function tftpreceivepacket CVE-2019-5482 Tenable has...

CVE-2021-43072

A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version...

CVE-2021-43072

A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version...

Buffer overflow

A buffer copy without checking size of input 'classic buffer overflow' in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version...

SUSE CVE-2006-1061

Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL tftp:// with a valid hostname and a long path...

SUSE CVE-2019-5482

Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3...

Fortinet FortiOS Buffer Overflow (FG-IR-21-206)

The remote host is running a version of FortiOS that is 6.0.x through 6.0.14, 6.2.x through 6.2.10, 6.4.x through 6.4.8, or 7.0.x through 7.0.5. It is, therefore, affected by a buffer overflow vulnerability. An authenticated, remote attacker can exploit this issue, via the TFTP protocol with...

Fortinet FortiManager Buffer Overflow (FG-IR-21-206)

The remote host is running a version of FortiManager that is 5.6.x through 5.6.11, 6.x through 6.0.11, 6.2.x through 6.2.9, 6.4.x through 6.4.7, or 7.x through 7.0.2. It is, therefore, affected by a buffer overflow vulnerability. An authenticated, remote attacker can exploit this issue, via the...

Protect

A buffer copy without checking size of input 'Classic Buffer Overflow'Â vulnerability CWE-120 in FortiAnalyzer, FortiManager, FortiOS and FortiProxy may allow a privileged attacker to execute arbitrary code or command via crafted CLI execute certificate remote, execute vpn certificate remote and...

PT-2022-3652 · Fortinet · Fortimanager +3

Name of the Vulnerable Software and Affected Versions: FortiAnalyzer versions 7.0.2 and below, 6.4.7 and below, 6.2.9 and below, 6.0.11 and below, 5.6.11 and below FortiManager versions 7.0.2 and below, 6.4.7 and below, 6.2.9 and below, 6.0.11 and below, 5.6.11 and below FortiOS versions 7.0.0...

Schneider Electric Modicon Exposure of Sensitive Information to an Unauthorized Actor (CVE-2019-6851)

A CWE-538: File and Directory Information Exposure vulnerability exists in Modicon M580, Modicon M340, Modicon Premium , Modicon Quantum all firmware versions, which could cause the disclosure of information from the controller when using TFTP protocol. This plugin only works with Tenable.ot...

Mageia: Security Advisory (MGASA-2019-0337)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

NewStart CGSL CORE 5.05 / MAIN 5.05 : curl Multiple Vulnerabilities (NS-SA-2021-0154)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has curl packages installed that are affected by multiple vulnerabilities: - Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. CVE-2019-5482 - curl 7.20.0 through 7.70.0 is vulnerable to improper...