Debian: Security Advisory (DSA-4514-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2019-15892

An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Servic...

UBUNTU-CVE-2019-15892

An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Servic...

CVE-2019-15892

An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Servic...

CVE-2019-15892

An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Servic...

NewStart CGSL MAIN 4.05 : bind Vulnerability (NS-SA-2019-0130)

The remote NewStart CGSL host, running version MAIN 4.05, has bind packages installed that are affected by a vulnerability: - A denial of service flaw was discovered in bind versions that include the deny-answer-aliases feature. This flaw may allow a remote attacker to trigger an INSIST assert in...

CVE-2019-5020

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerabili...

CVE-2019-5020

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerabili...

CVE-2019-5020

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerabili...

CVE-2019-5020

An exploitable denial of service vulnerability exists in the object lookup functionality of Yara 3.8.1. A specially crafted binary file can cause a negative value to be read to satisfy an assert, resulting in Denial of Service. An attacker can create a malicious binary to trigger this vulnerabili...

CVE-2019-9821

A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. This vulnerability affects Firefox 67...

SUSE SLES12 Security Update : bind (SUSE-SU-2019:1449-1)

This update for bind fixes the following issues : Security issues fixed : CVE-2018-5740: Fixed a denial of service vulnerability in the 'deny-answer-aliases' feature bsc1104129. CVE-2019-6465: Fixed an issue where controls for zone transfers may not be properly applied to Dynamically Loadable Zon...

Mozilla Firefox Memory Misreference Vulnerability (CNVD-2019-17486)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A resource management error vulnerability exists in AssertWorkerThread in versions prior to Mozilla Firefox 67, which arises from a mismanagement of system resources e.g., memory, disk space, files, et...

UBUNTU-CVE-2019-9821

A use-after-free vulnerability can occur in AssertWorkerThread due to a race condition with shared workers. This results in a potentially exploitable crash. This vulnerability affects Firefox 67...

EulerOS Virtualization for ARM 64 3.0.1.0 : qemu-kvm (EulerOS-SA-2019-1405)

According to the versions of the qemu-kvm packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - An integer overflow issue was found in the NE200 NIC emulation. It could occur while receiving packets from the...

PT-2021-2513 · Tor +4 · Tor +4

Name of the Vulnerable Software and Affected Versions: Tor versions prior to 0.4.5.7 Description: The issue is related to the insufficient use of the assert function in the dirvote add signatures to pending consensus function of the Tor browser. This allows a remote attacker to cause Tor director...

Denial Of Service (DoS)

Quagga is a TCP/IP based routing software suite. The Quagga bgpd daemon implements the BGP Border Gateway Protocol routing protocol. The Quagga ospfd and ospf6d daemons implement the OSPF Open Shortest Path First routing protocol. A heap-based buffer overflow flaw was found in the way the bgpd...

EulerOS Virtualization 2.5.3 : bind (EulerOS-SA-2019-1161)

According to the version of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A denial of service flaw was discovered in bind versions that include the 'deny-answer-aliases' feature. This flaw may allow a remote...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2019:0582-1)

This update for qemu fixes the following issues : Security vulnerabilities addressed : CVE-2019-6778: Fixed an out-of-bounds access in slirp bsc1123156 CVE-2018-16872: Fixed a host security vulnerability related to handling symlinks in usb-mtp bsc1119493 CVE-2018-19489: Fixed a Denial-of-Service ...

CVE-2018-4213

In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks...