Mozilla Firefox ESR < 60.2.1

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 60.2.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2018-23 advisory. - A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored i...

Medium: ecs-service-connect-agent

Issue Overview: Envoy is a cloud-native high-performance edge/middle/service proxy. A security vulnerability in Envoy allows external clients to manipulate Envoy headers, potentially leading to unauthorized access or other malicious actions within the mesh. This issue arises due to Envoy's defaul...

SUSE CVE-2024-50113

In the Linux kernel, the following vulnerability has been resolved: firewire: core: fix invalid port index for parent device In a commit 24b7f8e5cd65 "firewire: core: use helper functions for self ID sequence", the enumeration over self ID sequence was refactored with some helper functions with...

mariadb: server crash in JOIN_CACHE::free or in copy_fields

MariaDB v10.7 was discovered to contain an use-after-poison in in interceptormemset at /libsanitizer/sanitizercommon/sanitizercommoninterceptors.inc...

DEBIAN-CVE-2017-14649

ReadOneJNGImage in coders/png.c in GraphicsMagick version 1.3.26 does not properly validate JNG data, leading to a denial of service assertion failure in magick/pixelcache.c, and application crash...

DEBIAN-CVE-2014-9838

magick/cache.c in ImageMagick 6.8.9-9 allows remote attackers to cause a denial of service crash...