EulerOS 2.0 SP9 : avahi (EulerOS-SA-2023-3322)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Avahi. A reachable assertion exists in the avahiescapelabel function. CVE-2023-38470 Note that Tenable Network Securi...

EulerOS 2.0 SP10 : avahi (EulerOS-SA-2024-1053)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Avahi, where a reachable assertion exists in avahidnspacketappendrecord. CVE-2023-38469 - A vulnerability was found i...

EulerOS Virtualization 2.9.0 : avahi (EulerOS-SA-2024-1001)

According to the versions of the avahi package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Avahi. A reachable assertion exists in the avahiescapelabel function. CVE-2023-38470 Note that Tenable...

EulerOS 2.0 SP9 : avahi (EulerOS-SA-2023-3290)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Avahi. A reachable assertion exists in the avahiescapelabel function. CVE-2023-38470 Note that Tenable Network Securi...

EulerOS 2.0 SP11 : avahi (EulerOS-SA-2023-3234)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Avahi. A reachable assertion exists in the avahiescapelabel function. CVE-2023-38470 Note that Tenable Network Securi...

EulerOS 2.0 SP11 : avahi (EulerOS-SA-2023-3262)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Avahi. A reachable assertion exists in the avahiescapelabel function. CVE-2023-38470 Note that Tenable Network Securi...

Fedora 38 : tinyxml (2024-c9dc0ac419)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-c9dc0ac419 advisory. Bugfix release. Includes security fixes for CVE-2021-42260 and CVE-2023-34194 and a fix for incorrect text element encoding upstream isssue 51...

RLSA-2023:7836 Moderate: avahi security update

Avahi is an implementation of the DNS Service Discovery and Multicast DNS specifications for Zero Configuration Networking. It facilitates service discovery on a local network. Avahi and Avahi-aware applications allow you to plug your computer into a network and, with no configuration, view other...

Huawei EulerOS: Security Advisory for avahi (EulerOS-SA-2024-1077)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: avahi

Issue Overview: A reachable assertion was found in avahialternativehostname. CVE-2023-38473 Affected Packages: avahi Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correction: Run...

Amazon Linux 2 : binutils (ALAS-2024-2401)

The version of binutils installed on the remote host is prior to 2.29.1-31. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2401 advisory. A memory consumption issue in getdata function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denia...

DEBIAN-CVE-2023-34323

When a transaction is committed, C Xenstored will first check the quota is correct before attempting to commit any nodes. It would be possible that accounting is temporarily negative if a node has been removed outside of the transaction. Unfortunately, some versions of C Xenstored are assuming th...

Huawei EulerOS: Security Advisory for avahi (EulerOS-SA-2024-1001)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3701-1] tinyxml security update

Debian LTS Advisory DLA-3701-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin December 31, 2023 https://wiki.debian.org/LTS Package : tinyxml Version : 2.6.2-4+deb10u2 CVE ID : CVE-2023-34194 CVE-2023-40462 Debian Bug : 1059315 A reachable assertion issue has been...

Kantega SAML SSO OIDC Kerberos Security Vulnerability

Kantega SAML SSO OIDC Kerberos is an authentication plug-in from Kantega. A security vulnerability exists in Kantega SAML SSO OIDC Kerberos versions 4.4.2 through 4.14.8, 5.0.0 through 5.11.4, and 6.0.0 through 6.19.0, which stems from incorrect URL parameter cleanup that allows for HTML injectio...

NewStart CGSL MAIN 6.06 : bind Multiple Vulnerabilities (NS-SA-2023-0094)

The remote NewStart CGSL host, running version MAIN 6.06, has bind packages installed that are affected by multiple vulnerabilities: - By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter...

GLSA-202312-14 : FFmpeg: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202312-14 FFmpeg: Multiple Vulnerabilities - dwauncompress in libavcodec/exr.c in FFmpeg 4.4 allows an out-of-bounds array access because dccount is not strictly checked. CVE-2021-33815 - adtsdecodeextradata in libavformat/adtsenc...

Denial Of Service (DoS)

libtinyxml.so is vulnerable to Denial Of Service DoS. The vulnerability arises due to a reachable assertion in tinyxmlparser.cpp. An attacker can potentially crash the application via a crafted XML document with a \0 located after a whitespace...

CVE-2022-38349

A flaw was found in the Poppler package. This issue occurs due to a reachable assertion in Object.h. By using a specially crafted file, an attacker could cause a denial of service. Mitigation Mitigation for this issue is either not available or the currently available options do not meet the Red...

Oracle Linux 8 : avahi (ELSA-2023-7836)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7836 advisory. - Fix CVE-2021-3468 1939614 - Fix CVE-2023-38469 2191687 - Fix CVE-2023-38470 2191694 - Fix CVE-2023-38471 2191690 - Fix CVE-2023-38472 2191692 Tenable...