PT-2024-14985 · Isc +9 · Bind 9 +9

Name of the Vulnerable Software and Affected Versions: BIND 9 versions 9.16.0 through 9.16.45 BIND 9 versions 9.16.8-S1 through 9.16.45-S1 Description: The issue affects the named process running as a recursive resolver, which attempts to clean up its cache database using several methods, includi...

ISC BIND 9.12.0 < 9.16.48 / 9.16.8-S1 < 9.16.48-S1 / 9.18.0 < 9.18.24 / 9.18.11-S1 < 9.18.24-S1 / 9.19.0 < 9.19.21 Assertion Failure (cve-2023-5517)

The version of ISC BIND installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the cve-2023-5517 advisory. - A flaw in query-handling code can cause named to exit prematurely with an assertion failure when: - nxdomain-redirect ; is...

Ubuntu 22.04 LTS / 23.10 : Bind vulnerabilities (USN-6633-1)

The remote Ubuntu 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6633-1 advisory. Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote...

CVE-2024-25718

In the Samly package before 1.4.0 for Elixir, Samly.State.Store.getassertion/3 can return an expired session, which interferes with access control because Samly.AuthHandler uses a cached session and does not replace it, even after expiry...

Samly security breach

Samly is used to enable the Plug/Phoenix application via SAML. A security vulnerability exists in Samly versions prior to 1.4.0, which stems from the ability to return expired sessions, which can interfere with access control...

PT-2024-21111 · Samly · Samly

Name of the Vulnerable Software and Affected Versions: Samly package versions prior to 1.4.0 for Elixir Description: The issue arises from the Samly.State.Store.get assertion/3 function, which can return an expired session. This interferes with access control because Samly.AuthHandler uses a cach...

CVE-2024-25445

Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure...

CVE-2024-25445

Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure...

DEBIAN-CVE-2024-25445

Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure...

Input validation

Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure...

UBUNTU-CVE-2024-25445

Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure...

Hugin security breach

Hugin is a cross-platform open source panoramic photography image stitching software by Hugin Open Source. A security vulnerability exists in Hugin version v2022.0.0, which stems from an assertion failure due to improper handling of values...

CVE-2024-25445

CVE-2024-25445 affects Hugin 2022.0.0 where HuginBase::PTools::Transform::transform mishandles input values, triggering an assertion failure (crash). This is listed with high impact (Confidentiality/Integrity/Availability High) and local exploitability with user interaction required. OpenSUSE/Fed...

CVE-2024-25445

Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure...

CVE-2024-25445

Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure...

CVE-2024-25445

Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure...

CVE-2024-25445

Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure...

Huawei EulerOS: Security Advisory for avahi (EulerOS-SA-2024-1171)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for avahi (EulerOS-SA-2024-1191)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : avahi (EulerOS-SA-2024-1171)

According to the versions of the avahi package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in Avahi, where a reachable assertion exists in avahidnspacketappendrecord. CVE-2023-38469 - A vulnerability was found i...