Moderate: Red Hat Security Advisory: libssh security update
An update for libssh is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...
ssh: Prefix truncation attack on Binary Packet Protocol (BPP)
A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...
NTFS-3G: buffer overflow issue in NTFS-3G can cause code execution via crafted metadata in an NTFS image
A buffer overflow flaw was found in NTFS-3G. This issue occurs via a crafted metadata in an NTFS image that can cause code execution. A local attacker can exploit this issue if the NTFS-3G binary is setuid root. A physically proximate attacker can exploit this issue if the NTFS-3G software is...
python: int() type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS
A flaw was found in python. In algorithms with quadratic time complexity using non-binary bases, when using int("text"), a system could take 50ms to parse an int string with 100,000 digits and 5s for 1,000,000 digits (float, decimal, int.from_bytes(), and int() for binary bases 2, 4, 8, 16, and 32 are no...
MinIO Information Disclosure (CVE-2023-28432)
Binary data minioCVE-2023-28432.nbin...
Debian dla-3719 : php-seclib - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3719 advisory. Debian LTS Advisory DLA-3719-1 https://www.debian.org/lts/security/...
MinIO Console Detection
Binary data minioconsoledetect.nbin...
Integrated Dell Remote Access Controller (iDRAC) Service Module Installed (Windows)
Binary data dellidracservicemodulewininstalled.nbin...
Apple iOS < 16.7.5 Multiple Vulnerabilities (HT214063)
Binary data appleios1675check.nbin...
Debian dla-3718 : php-phpseclib - security update
The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3718 advisory. Debian LTS Advisory DLA-3718-1 https://www.debian.org/lts/security/...
CVE-2024-22651
There is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D-Link DIR-815 router firmware v1.04...
D-Link DIR-815 Security Vulnerability
The D-Link DIR-815 is a wireless router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-815 v1.04, which originates from a command injection vulnerability in the ssdpcgi_main function of the cgibin binary...
Apple iOS < 15.7.1 Multiple Vulnerabilities (HT213490)
Binary data appleios1571check.nbin...
The vulnerability of the Python library for interacting with git repositories, GitPython, is related to the use of an insecure search path, allowing attackers to execute arbitrary code with elevated privileges.
The vulnerability of the Python library for interacting with git repositories, GitPython, is related to the use of an unreliable search path. Exploiting this vulnerability allows an attacker to execute arbitrary code with elevated privileges using a specially created binary file...
RHCOS 4 : OpenShift Container Platform 4.10.60 (RHSA-2023:3216)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:3216 advisory. - cri-o: incorrect handling of the supplementary groups CVE-2022-2995 Note that Nessus has not tested for this issue but has instead relied...
Fortra GoAnywhere Managed File Transfer (MFT) < 7.4.1 Authentication Bypass (CVE-2024-0204)
Binary data fortragoanywheremftCVE-2024-0204.nbin...
PT-2024-2765 · Shim +6
Name of the Vulnerable Software and Affected Versions: Shim (affected versions not specified). Description: A flaw was found in the MZ binary format in Shim, which is related to an out-of-bounds read. This issue may cause a crash or potentially expose sensitive data during the system's boot phase...
Apple iOS < 17.3 Multiple Vulnerabilities (HT214059)
Binary data appleios173check.nbin...
CVE-2023-40551
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase...