102 matches found
CVE-2015-3205
libmimedir allows remote attackers to execute arbitrary code via a VCF file with two NULL bytes at the end of the file, related to "free" function calls in the "lexer's memory clean-up procedure."...
Fedora 21 : vorbis-tools-1.4.0-19.fc21 (2015-2335)
validate count of channels in the header CVE-2014-9638 and CVE-2014-9639 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 20 : kernel-3.17.8-200.fc20 (2015-0515)
The 3.17.8 stable update contains a number of important fixes across the tree. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 20 : smack-3.2.2-6.fc20 (2014-16383)
fix for CVE-2014-0363 rhbz1093274 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 ...
JBoss JMX Console DeploymentFileRepository WAR Upload and Deployment
This module uses the DeploymentFileRepository class in the JBoss Application Server to deploy a JSP file which then deploys an arbitrary WAR file. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule...
Fedora 20 : kernel-3.16.6-203.fc20 (2014-13773)
More KVM CVE fixes. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora 20 : python-oauth2-1.5.211-8.fc20 (2014-12475)
Actually apply patch to fix CVE-2013-4347 thanks to Jason Green, Matt Wilson. Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Fix CVE-2013-4346 and CVE-2013-4347, thanks to Philippe Makowski. Note that Tenable Network Security has extracted the preceding description block direct...
Fedora 20 : nginx-1.4.7-3.fc20 (2014-11415)
Security fix for CVE-2014-3616 - Create nginx-filesystem subpackage Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
CVE-2014-7186
The redirection implementation in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a denial of service out-of-bounds array access and application crash or possibly have unspecified other impact via crafted use of here documents, aka the "redirstack" issue...
Fedora 21 : xerces-j2-2.11.0-22.fc21 (2014-10617)
Security fix for CVE-2013-4002 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...
Fedora 19 : fish-2.1.0-9.fc19 (2014-5783)
CVE-2014-2905 is severe. Apparently requesting stable instead of testing doesn't work. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible withou...
CVE-2013-6954
The pngdoexpandpalette function in libpng before 1.6.8 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via 1 a PLTE chunk of zero bytes or 2 a NULL palette, related to pngrtran.c and pngset.c...
Fedora 19 : perl-Module-Metadata-1.000015-1.fc19 (2013-15196)
This update clarifies the module's documentation about the code it executes, i.e. it does 'eval' a module to determine its version number. Previously it said that it did not execute unsafe code. Note that Tenable Network Security has extracted the preceding description block directly from the...
CVE-2013-5651
The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service out-of-bounds read and crash via a crafted bitmap, as demonstrated by a large nodeset value to numatune...
Fedora 18 : squid-3.2.13-1.fc18 (2013-13493)
This is security update that fixes CVE-2013-4123 and CVE-2013-4115. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...
Fedora 19 : mantis-1.2.15-1.fc19 (2013-5801)
new upstream release, fixing security issues: CVE-2013-1930 948971 CVE-2013-1931 948975 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible witho...
Fedora 17 : puppet-2.7.21-2.fc17 (2013-4187)
Updates for the security announcements from Puppet Labs on 12-Mar-2013. https://groups.google.com/group/puppet-announce/t/9200f268f8479e2c This update also provides backported fixes for a number of issues with ruby-1.9. Note that Tenable Network Security has extracted the preceding description...
CVE-2013-0275
Multiple cross-site scripting XSS vulnerabilities in Ganglia Web before 3.5.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Fedora 17 : rubygem-activerecord-3.0.11-6.fc17 (2013-2351)
Fix for CVE-2013-0277. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora 17 : seamonkey-2.15.1-1.fc17 (2013-1382)
Update to 2.15.1 Update to 2.15 Fixes CVE-2013-0743, CVE-2013-0744-0760, CVE-2013-0762, CVE-2013-0764, CVE-2013-0766-0770 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...