file: Fix of CVE-2019-18218

CVE-2019-18218: fix heap-based buffer overflow in cdfreadpropertyinfo...

Malicious code in cdf-clients (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b42b01e54e7410b51742faa0cb35fe74a73333f619cd8634b5491d3b32418732 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-1082 Malicious code in cdf-clients (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 b42b01e54e7410b51742faa0cb35fe74a73333f619cd8634b5491d3b32418732 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MiracleLinux 8 : file-5.33-20.el8 (AXSA:2021-2595:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2595:03 advisory. file: heap-based buffer overflow in cdfreadpropertyinfo in cdf.c CVE-2019-18218 Tenable has extracted the preceding description block directly from the...

MiracleLinux 7 : file-5.11-31.el7 (AXSA:2015-693:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-693:01 advisory. The file command is used to identify a particular file according to the type of data contained by the file. File can identify many different file...

EUVD-2025-203472

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet...

CVE-2025-9122

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet...

CVE-2025-9122 Hitachi Vantara Pentaho Business Analytics Server - Generation of Error Message Containing Sensitive Information

Hitachi Vantara Pentaho Data Integration and Analytics Community Dashboard Framework prior to versions 10.2.0.4, including 9.3.0.x and 8.3.x display the full server stack trace when encountering an error within the GetCdfResource servlet...

EUVD-2014-0274

Malware in sbrugna...

EUVD-2008-2077

Malware in sbrugna...

EUVD-2014-3489

Malicious code in bioql PyPI...

EUVD-2014-3488

Malicious code in bioql PyPI...

EUVD-2014-3562

Malicious code in bioql PyPI...

Citrix Virtual Apps and Desktops: Issues with Monitor Service after upgrade to 2402 CU2

Environment has been upgraded to 2402 CU2 version. When admin invokes a cmdlet: Get-MonitorConfiguration, the error is displayed: A database operation failed and could not be recovered : Reason ? Not all Delivery Controllers are affected and cmdlet returns actual configuration on some of the...

CWA 2405: Application launch fails after upgrading to CWA 2405

After upgrading CWA to 2405 app launch may fail with "Internal error" or "Connection Timeout". The issue is seen more frequently while trying to launch multiple applications at the same time. The ICA file gets downloaded but after sometime, "Connection timeout" error is seen. Sometimes, the first...

Citrix Director throws “Unexpected Server Error” while clicking on the Trends Tab

Citrix Director throws “Unexpected Server Error” while clicking on the Trends Tab Event ID 5 is logged in Citrix Director, pointing to failure while connecting to data source. The CDF Traces captured from Director Server, show the exception "Unexpected character encountered while parsing value" D...

No device licenses are currently available error when using Server OS Target Devices

PVS Target devices report"No device licenses are currently Available" Restarting the PVS targets will temporarily make the error go away but it will re-appear after a brief period Under Target Device properties the assigned license will be listed as "n/a" despite licenses being available In the P...

Debian: Security Advisory (DLA-27-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K16954: Multiple PHP CDF vulnerabilities CVE-2014-0237 and CVE-2014-0238

Security Advisory Description CVE-2014-0237 The cdfunpacksummaryinfo function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service performance degradation by triggering many fileprintf calls. CVE-2014-0238 The...

K16875: file vulnerability CVE-2012-1571

Security Advisory Description file before 5.11 and libmagic allow remote attackers to cause a denial of service crash via a crafted Composite Document File CDF file that triggers 1 an out-of-bounds read or 2 an invalid pointer dereference. CVE-2012-1571 Impact An attacker could cause a...