Oracle Linux 8 : perl-Convert-ASN1 (ELSA-2024-3049)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3049 advisory. 0.27-18 - Fix unsafe decoding in indef case (CVE-2013-7488). Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...
GHSA-VGXH-X8JV-HMFF silverstripe/framework code execution vulnerability
There is a vulnerability whereby arbitrary global functions may be executed if malicious user input is passed through in the second argument of ViewableData::renderWith. This argument resolves associative arrays as template placeholders. This exploit requires that user code has been written...
Fedora: Security Advisory for rust-uu_dd (FEDORA-2024-ce2936b568)
The remote host is missing an update for the...
Fedora: Security Advisory for rust-shellcheck-sarif (FEDORA-2024-ce2936b568)
The remote host is missing an update for the...
[SECURITY] Fedora 40 Update: rust-hadolint-sarif-0.4.2-3.fc40
Convert hadolint output to SARIF...
perl-Convert-ASN1 security update
0.27-18 - Fix unsafe decoding in indef case (CVE-2013-7488)...
RHEL 8 : perl-Convert-ASN1 (RHSA-2024:3049)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3049 advisory. Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules. Security Fixes: perl-Convert-ASN1: allows remote attackers to cause an...
poppler: NULL pointer dereference in `FoFiType1C::convertToType1`
A flaw was found in the Poppler package. This flaw allows attackers to possibly cause a denial of service via a crafted .pdf file to the FoFiType1C::convertToType1 function...
perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input
perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input...
Moderate: Red Hat Security Advisory: perl-Convert-ASN1 security update
An update for perl-Convert-ASN1 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerabili...
DEBIAN-CVE-2021-47460
In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format. Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers in block_write_full_page()") uncovered a latent bug in ocfs2 conversion from inline inode format to a normal inode...
CentOS 8 : perl-Convert-ASN1 (CESA-2024:3049)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2024:3049 advisory. - perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input. (CVE-2013-7488) Not...
Moderate: perl-Convert-ASN1 security update
Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules. Security Fixes: perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input (CVE-2013-7488). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
ALSA-2024:3049 Moderate: perl-Convert-ASN1 security update
Convert::ASN1 encodes and decodes ASN.1 data structures using BER/DER rules. Security Fixes: perl-Convert-ASN1: allows remote attackers to cause an infinite loop via unexpected input (CVE-2013-7488). For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...
UBUNTU-CVE-2023-52815
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vkms: fix a possible null pointer dereference. In amdgpu_vkms_conn_get_modes(), the return value of drm_cvt_mode() is assigned to mode, which will lead to a NULL pointer dereference on failure of drm_cvt_mode(). Add a check to avoid...
OESA-2024-1585 OpenEXR security update
OpenEXR is a high dynamic-range (HDR) image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to cause a denial of service (DoS) via the...
OESA-2024-1586 OpenEXR security update
OpenEXR is a high dynamic-range (HDR) image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to cause a denial of service (DoS) via the...
CVE-2024-4636 Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF <= 3.12.10 - Authenticated (Author+) Stored Cross-Site Scripting via SVG Upload
The Image Optimization by Optimole – Lazy Load, CDN, Convert WebP & AVIF plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘allow_meme_types’ function in versions up to, and including, 3.12.10 due to insufficient input sanitization and output escaping. This makes it possible...
RHEL 7 : mercurial (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mercurial: arbitrary command execution in mercurial repo with a git submodule (CVE-2017-17458) - The conver...
OESA-2024-1549 OpenEXR security update
OpenEXR is a high dynamic-range (HDR) image file format originally developed by Industrial Light & Magic for use in computer imaging applications. Security Fixes: An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to cause a denial of service (DoS) via the...