16 matches found
RockyLinux 8 : webkit2gtk3 (RLSA-2026:10702)
The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:10702 advisory. webkitgtk: Processing maliciously crafted web content may lead to an unexpected Safari crash CVE-2025-43213 webkitgtk: Processing maliciously crafted we...
EUVD-2025-15680
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2022-1353
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in the pfkeyregister function in net/key/afkey.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to...
Linux Distros Unpatched Vulnerability : CVE-2013-0783
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 19.0, Firefox ESR 17.x before 17.0.3, Thunderbird before 17.0.3, Thunderbir...
USN-7183-1: Linux kernel vulnerabilities
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...
EulerOS 2.0 SP10 : curl (EulerOS-SA-2024-2901)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is...
Important: httpd
Issue Overview: Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. Users are recommended to upgrade to version 2.4.60, which fixes this issue...
SUSE-SU-2023:2830-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-1079: Fixed a use-after-free problem that could have been triggered in asuskbdbacklightset when plugging/disconnecting a malicious USB device bsc1208604...
SUSE-SU-2022:3960-1 Security update for xen
This update for xen fixes the following issues: - CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let xenstored run out of memory bsc1204482 - CVE-2022-42309: xen: Xenstore: Guests can crash...
MGASA-2018-0378 Updated ghostscript packages fix security vulnerabilities
Updated ghostscript packages fix several security vulnerabilities including: In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files CVE-2018-15908. In Artifex Ghostscript 9.23 before 2018-08-24, a typ...
Security Bulletin: Multiple vulnerabilities in Network Time Protocol (NTP) affect WebSphere DataPower XC10 Appliance
Summary There are multiple vulnerabilities in Network Time Protocol NTP implementation that is used by WebSphere DataPower XC10 Appliance. These vulnerabilities addressed include the ability to crash application and disable ntp service. Vulnerability Details CVEID: CVE-2016-7426 DESCRIPTION: NTP ...
MGASA-2017-0268 Updated firefox packages fix security vulnerabilities
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2017-7779, CVE-2017-7798, CVE-2017-7800, CVE-2017-7801,...
Ethereal: Multiple security problems
Background Ethereal is a feature rich network protocol analyzer. Description There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.4, including: A buffer overflow in the MMSE dissector. Under specific conditions a SIP packet could make Ethereal crash. The AIM dissector coul...
Unichat Vulnerabilities
Author: DarkKnight My site: http://www.insecureonline.com Product: Unichat Vendor Info.: Did not respond //Quote// "Come here," said the Spider to the Fly. Respected Just a few: ------------------- http://securityfocus.com http://eeye.com http://packetstormsecurity.nl http://jinxhackwear.com...
Bugs in NukeNabber 2.9b
By default Nukenabber listens on port 19udp for connections, and gathers information on the source address... If we send binary zero's to it this is what we get sends binary zeros nc target 19 -u /dev/zero this appears on nukenabber 02/11/2001 23:53:14.310 GMT-0500 Unable to determine source of...
SHGetPathFromIDList.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Windows Api SHGetPathFromIDList Buffer Overflow To all those people who sent email to us asking for more information about the SHGetPathFromIDList Windows Api overflow. Here is a more specific description about the problem. All Structure lengths, or...