Amazon Linux 2023 : bind, bind-chroot, bind-devel (ALAS2023-2024-550)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-550 advisory. The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may...
SUSE-SU-2024:0759-1 Security update for glibc
This update for glibc fixes the following issues: Security issues fixed: - CVE-2020-29573: x86: printf was hardened against non-normal long double values (bsc1179721, BZ 26649) - CVE-2021-3326: Fix assertion failure in gconv ISO-2022-JP-3 module (bsc1181505, BZ 27256) - CVE-2019-25013: Fix buffer...
PT-2024-18535
Name of the Vulnerable Software and Affected Versions: Blue Planet products through 22.12. Description: A misconfiguration in the SAML implementation allows for privilege escalation. Only products using SAML authentication are affected. Blue Planet has released software updates to address this issue...
Important: bind
Issue Overview: The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This...
CVE-2023-33096 Reachable Assertion in Multi-Mode Call Processor
Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16...
CVE-2023-33095 Reachable Assertion in Multi-Mode Call Processor
Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR...
openSUSE: Security Advisory for avahi (SUSE-SU-2023:4901-1)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2024 Greenbone AG. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
openSUSE: Security Advisory for libnbd (SUSE-SU-2023:4463-1)
The remote host is missing an update for the...
openSUSE: Security Advisory for bind (SUSE-SU-2023:3821-1)
The remote host is missing an update for the...
Fedora 38 : bind / bind-dyndb-ldap (2024-fae88b73eb)
The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2024-fae88b73eb advisory. Security Fixes - Validating DNS messages containing a lot of DNSSEC signatures could cause excessive CPU load, leading to a denial-of-service...
UBUNTU-CVE-2023-52507
In the Linux kernel, the following vulnerability has been resolved: nfc: nci: assert requested protocol is valid The protocol is used in a bit mask to determine if the protocol is supported. Assert the provided protocol is less than the maximum defined so it doesn't potentially perform a...
CentOS 9 : bind-9.16.23-9.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the bind-9.16.23-9.el9 build changelog. - Sending a flood of dynamic DNS updates may cause named to allocate large amounts of memory. This, in turn, may cause named to exit due to ...
CentOS 9 : qemu-kvm-6.1.0-3.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the qemu-kvm-6.1.0-3.el9 build changelog. - use-after-free during packet reassembly rhel-av-8 CVE-2019-15890 - A flaw was found in QEMU in the implementation of the Pointer...
Fedora 39 : kernel (2024-d16d94b00d)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-d16d94b00d advisory. The 6.7.6 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...
MikroTik RouterOs Reachable Assertion (CVE-2020-20214)
Mikrotik RouterOs 6.44.6 long-term tree suffers from an assertion failure vulnerability in the btest process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. This plugin only works with Tenable.ot. Please visit...
MikroTik RouterOs Reachable Assertion (CVE-2020-20262)
Mikrotik RouterOs before 6.47 stable tree suffers from an assertion failure vulnerability in the /ram/pckg/security/nova/bin/ipsec process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. This plugin only works with Tenable.ot. Plea...
MikroTik RouterOs Reachable Assertion (CVE-2020-20211)
Mikrotik RouterOs 6.44.5 long-term tree suffers from an assertion failure vulnerability in the /nova/bin/console process. An authenticated remote attacker can cause a Denial of Service due to an assertion failure via a crafted packet. This plugin only works with Tenable.ot. Please visit...
MikroTik RouterOs Reachable Assertion (CVE-2022-36522)
Mikrotik RouterOs through stable v6.48.3 was discovered to contain an assertion failure in the component /advanced-tools/nova/bin/netwatch. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. This plugin only works with Tenable.ot. Please visit...
GHSA-4M6J-23P2-8C54 Armeria SAML authentication bypass due to missing validation on unsigned SAML messages
Impact: The SAML implementation provided by armeria-saml currently accepts unsigned SAML messages (assertions, logout requests, etc.) as they are, rather than rejecting them by default. As a result, an attacker can forge a SAML message to authenticate themselves, despite the fact that such an unsign...