Fedora 38 : ruby (2024-48bdd3abbf)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-48bdd3abbf advisory. Upgrade to Ruby 3.2.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Debian dsa-5677 : libruby3.1 - security update

The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5677 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5677-1 [email protected] https://www.debian.org/securit...

CVE-2023-51606

Kofax Power PDF U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a...

AZL-40214 CVE-2023-51592 affecting package bluez 5.63-6

BlueZ Audio Profile AVRCP parsemediafolder Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability i...

AZL-40253 CVE-2023-51580 affecting package bluez 5.63-6

BlueZ Audio Profile AVRCP avrcpparseattributelist Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this...

CVE-2023-50195

Trimble SketchUp Viewer SKP File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp Viewer. User interaction is required to exploit this vulnerability in that the target...

UBUNTU-CVE-2023-51589

BlueZ Audio Profile AVRCP parsemediaelement Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability ...

CVE-2023-42060

PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visi...

CVE-2023-42042

PDF-XChange Editor App Object Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2023-39496

PDF-XChange Editor TIF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visi...

CVE-2023-38109

Foxit PDF Reader Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit...

CVE-2023-35714

Ashlar-Vellum Cobalt IGS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must...

UBUNTU-CVE-2023-27349

BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the...

The vulnerability of the L2/L3 operating system management service of ArubaOS allows a hacker to execute arbitrary code.

The vulnerability of the L2/L3 operating system management service of ArubaOS lies in the fact that operations occur outside of the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted network packets to port 8211...

Fedora 39 : ruby (2024-31cac8b8ec)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-31cac8b8ec advisory. Upgrade to Ruby 3.2.4. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Fedora 40 : ruby (2024-14db7b21a2)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-14db7b21a2 advisory. Upgrade to Ruby 3.3.1. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

ALSA-2024:2616 Important: tigervnc security update

Virtual Network Computing VNC is a remote display system which allows users to view a computing desktop environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. TigerVNC is a suite of VNC servers and clients...

xorg-x11-server: Heap buffer overread/data leakage in ProcXIGetSelectedEvents

A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a...

Important: Red Hat Security Advisory: tigervnc security update

An update for tigervnc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...