SUSE SLES12 Security Update : ImageMagick (SUSE-SU-2020:3163-1)

This update for ImageMagick fixes the following issues : CVE-2020-27560: Fixed potential denial of service in OptimizeLayerFrames function in MagickCore/layer.c bsc1178067. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory...

openSUSE Security Update : xen (openSUSE-2020-2162)

This update for xen fixes the following issues : - bsc1178963 - VUL-0: xen: stack corruption from XSA-346 change XSA-355 This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

All Vulnerabilities for restoplace.ws Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| restoplace.ws ---|--- Open Bug Bounty...

openSUSE Security Update : python-setuptools (openSUSE-2020-2143)

This update for python-setuptools fixes the following issues : - Fixed a directory traversal in downloadhttpurl bsc1176262 CVE-2019-20916 This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

avto.net Cross Site Scripting vulnerability OBB-1570365

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| avto.net ---|--- Open Bug Bounty...

openSUSE Security Update : krb5 (openSUSE-2020-2062)

This update for krb5 fixes the following security issue : - CVE-2020-28196: Fixed an unbounded recursion via an ASN.1-encoded Kerberos message bsc1178512. This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descriptive text and package...

openSUSE Security Update : c-ares (openSUSE-2020-2092)

This update for c-ares fixes the following issues : Version update to 1.17.0 - CVE-2020-8277: Fixed a Denial of Service through DNS request bsc1178882 - For further details see https://c-ares.haxx.se/changelog.html This update was imported from the SUSE:SLE-15:Update update project. C Tenable...

pictorem.com Cross Site Scripting vulnerability OBB-1562703

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| pictorem.com ---|--- Open Bug Bounty...

CVE-2020-25725

In Xpdf 4.02, SplashOutputDev::endType3CharGfxState state SplashOutputDev.cc:3079 is trying to use the freed t3GlyphStack-cache, which causes an heap-use-after-free problem. The codes of a previous fix for nested Type 3 characters wasn't correctly handling the case where a Type 3 char referred to...

indopremier.com Cross Site Scripting vulnerability OBB-1524235

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| indopremier.com ---|--- Open Bug Bounty...

openSUSE Security Update : samba (openSUSE-2020-1811)

This update for samba fixes the following issues : - CVE-2020-14383: An authenticated user can crash the DCE/RPC DNS with easily crafted records bsc1177613. - CVE-2020-14323: Unprivileged user can crash winbind bsc1173994. - CVE-2020-14318: Missing permissions check in SMB1/2/3 ChangeNotify...

openSUSE Security Update : tomcat (openSUSE-2020-1842)

This update for tomcat fixes the following issues : - CVE-2020-13943: Fixed HTTP/2 Request mix-up bsc1177582 This update was imported from the SUSE:SLE-15-SP1:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUS...

phpLDAPadmin < 0.9.8 DoS Vulnerability - Windows

phpLDAPadmin is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

All Vulnerabilities for operativen-stol.matraci.ws Patched via Open Bug Bounty

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| operativen-stol.matraci.ws ---|--- Open...

CVE-2020-27347

In tmux before version 3.1c the function inputcsidispatchsgrcolon in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output...

dereferer.org Cross Site Scripting vulnerability OBB-1480304

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| dereferer.org ---|--- Open Bug Bounty...

openSUSE Security Update : virt-bootstrap (openSUSE-2020-1787)

This update for virt-bootstrap fixes the following issues : Security issue fixed : - CVE-2019-13314: Allow providing the container's root password using a file bsc1140750. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text an...

openSUSE Security Update : spice (openSUSE-2020-1802)

This update for spice fixes the following issues : - CVE-2020-14355: Fixed multiple buffer overflow vulnerabilities in QUIC image decoding bsc1177158. This update was imported from the SUSE:SLE-15-SP2:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks ...

CVE-2020-14383

A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted after a short delay, but it is easy for an authenticated non administrative attacker to crash it again...

openSUSE Security Update : freetype2 (openSUSE-2020-1734)

This update for freetype2 fixes the following issues : - CVE-2020-15999: fixed a heap buffer overflow found in the handling of embedded PNG bitmaps bsc1177914. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package...