Debian: Security Advisory (DLA-2054-1)
The remote host is missing an update for the Debian...
[SECURITY] [DLA 2054-1] jhead security update
Package : jhead Version : 1:2.97-1+deb8u2 CVE ID : CVE-2018-16554 CVE-2018-17088 CVE-2019-1010301 CVE-2019-1010302 Debian Bug : 907925 908176 932145 932146 Multiple buffer overflows have been fixed in jhead, a program to manipulate the non-image part of Exif compliant JPEG files. For Debian 8...
NewStart CGSL CORE 5.05 / MAIN 5.05 : opensc Multiple Vulnerabilities (NS-SA-2019-0249)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has opensc packages installed that are affected by multiple vulnerabilities: - Several buffer overflows when handling responses from a Muscle Card in musclelistfiles in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could...
MGASA-2019-0414 Updated kernel packages fix security vulnerabilities
This update is based on upstream 5.4.6 and fixes various potential security issues related to buffer overflows, double frees, NULL pointer dereferences, improper / missing input validations and so on. It also adds other bugfixes all over the kernel. Other fixes added in this update: - x86/MCE/AMD...
Updated kernel packages fix security vulnerabilities
This update is based on upstream 5.4.6 and fixes various potential security issues related to buffer overflows, double frees, NULL pointer dereferences, improper / missing input validations and so on. It also adds other bugfixes all over the kernel. Other fixes added in this update: - x86/MCE/AMD...
EulerOS 2.0 SP3 : qt (EulerOS-SA-2019-2656)
According to the versions of the qt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - An issue was discovered in Qt 5.11. A malformed PPM image causes a division by zero and a crash in qppmhandler.cpp. (CVE-2018-19872) - An issue was...
EulerOS 2.0 SP3 : iscsi-initiator-utils (EulerOS-SA-2019-2596)
According to the version of the iscsi-initiator-utils packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An issue was discovered in Open-iSCSI through 2.0.875. A local attacker can cause the iscsiuio server to abort or potentially execut...
EulerOS 2.0 SP2 : qt (EulerOS-SA-2019-2381)
According to the versions of the qt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - QXmlSimpleReader in Qt before 5.2 allows context-dependent attackers to cause a denial of service (memory consumption) via an XML Entity Expansion (XEE)...
The vulnerabilities of SMM and TXT microprogramming systems from Intel processors are caused by buffer overflows, which allow attackers to gain increased privileges.
The vulnerabilities of SMM and Trusted Execution Technology (TXT) in Intel microprogramming devices are caused by buffer overflows. Exploiting these vulnerabilities can allow attackers to gain increased privileges...
EulerOS 2.0 SP2 : libXrender (EulerOS-SA-2019-2458)
According to the versions of the libXrender packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple buffer overflows in the (1) XvQueryAdaptors and (2) XvQueryEncodings functions in X.org libXrender before 0.9.10 allow remote X servers...
openSUSE Security Update : cups (openSUSE-2019-2573)
This update for cups fixes the following issues : - CVE-2019-8675: Fixed a stack-based buffer overflow in libcups's asn1gettype function (bsc#1146358). - CVE-2019-8696: Fixed a stack-based buffer overflow in libcups's asn1getpacked function (bsc#1146359). This update was imported from the...
Security Bulletin: Vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 & 8, IBM SDK, Java Technology Edition Version 8 and Eclipse OpenJ9 Affect Transformation Extender
Summary: There are vulnerabilities in IBM Runtime Environments Java Technology Edition, Versions 7 and 8, IBM SDK, Java Technology Edition Version 8 and Eclipse OpenJ9 that affect IBM Transformation Extender. Vulnerability Details: CVEID: CVE-2018-1890 Description: On the AIX platform, the IBM Jav...
SUSE SLED15 / SLES15 Security Update : cups (SUSE-SU-2019:3030-1)
This update for cups fixes the following issues : CVE-2019-8675: Fixed a stack-based buffer overflow in libcups's asn1gettype function (bsc#1146358). CVE-2019-8696: Fixed a stack-based buffer overflow in libcups's asn1getpacked function (bsc#1146359). Note that Tenable Network Security has extracted the...
CVE-2019-18240
In Fuji Electric V-Server 4.0.6 and prior, several heap-based buffer overflows have been identified, which may allow an attacker to remotely execute arbitrary code...
EulerOS 2.0 SP5 : gpgme (EulerOS-SA-2019-2125)
According to the versions of the gpgme package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GnuPG Made Easy (GPGME) is a library designed to make access to GnuPG easier for applications. It provides a high-level crypto API for encryption,...
EulerOS 2.0 SP5 : libsndfile (EulerOS-SA-2019-2208)
According to the versions of the libsndfile package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libsndfile version 1.0.28, an error in the 'aiffreadchanmap' function (aiff.c) can be exploited to cause an out-of-bounds read memory access...
Amazon Kindle, Embedded Devices Open to Code-Execution
Multiple vulnerabilities have been found in Das U-Boot, a universal bootloader commonly used in embedded devices like Amazon Kindles, ARM Chromebooks and networking hardware. The bugs could allow attackers to gain full control of an impacted device’s CPU and modify anything they choose. Researche...
Mozilla Firefox ESR < 24.1 Multiple Vulnerabilities
Mozilla Firefox ESR < 24.6 Multiple Vulnerabilities