Lucene search
K

13 matches found

Tenable Nessus
Tenable Nessus
added 2023/09/07 12:0 a.m.33 views

Oracle Linux 7 : GNOME (ELSA-2018-3140)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2018-3140 advisory. - Backport upstream patch for CVE-2018-12910 - Crash in soupcookiejar.c: getcookies on empty hostnames - Security fix for CVE-2018-15120 - Fix crash wh...

9.8CVSS6.4AI score0.11499EPSS
Exploits10References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:28 a.m.1 views

SUSE CVE-2018-10767

There is a stack-based buffer over-read in calling GLib in the function gxpsimagesguesscontenttype of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a ginputstreamread call. A crafted input will lead to a remote denial of service attack...

5.9CVSS9.4AI score0.0227EPSS
Exploits1References3
Rosalinux
Rosalinux
added 2021/07/02 5:14 p.m.28 views

Advisory ROSA-SA-2021-1872

Software: libgxps 0.3.0 OS: Cobalt 7.9 CVE-ID: CVE-2018-10733 CVE-Crit: MEDIUM CVE-DESC: There is a heap-based buffer overflow in the ftfontfacehash function of the gxps-fonts.c file in libgxps before version 0.3.0. The input created will result in a remote denial of service attack. CVE-STATUS:...

6.5CVSS7.5AI score0.0227EPSS
Exploits2
OpenVAS
OpenVAS
added 2020/04/16 12:0 a.m.35 views

Huawei EulerOS: Security Advisory for libgxps (EulerOS-SA-2020-1401)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.0227EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.33 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : libgxps Multiple Vulnerabilities (NS-SA-2019-0044)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libgxps packages installed that are affected by multiple vulnerabilities: - There is a heap-based buffer over-read in the function ftfontfacehash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remo...

6.5CVSS7.1AI score0.0227EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2019/02/02 12:0 a.m.139 views

CentOS Update for gdm CESA-2018:3140 centos7

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS6.9AI score0.04188EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2018/11/27 12:0 a.m.53 views

Scientific Linux Security Update : GNOME on SL7.x x86_64 (20181030)

Security Fixes : - libsoup: Crash in soupcookiejar.c:getcookies on empty hostnames CVE-2018-12910 - poppler: Infinite recursion in fofi/FoFiType1C.cc:FoFiType1C::cvtGlyph function allows denial of service CVE-2017-18267 - libgxps: heap based buffer over read in ftfontfacehash function of...

9.8CVSS6.4AI score0.04188EPSS
Exploits5References7
Tenable Nessus
Tenable Nessus
added 2018/11/16 12:0 a.m.198 views

CentOS 7 : PackageKit / accountsservice / adwaita-icon-theme / appstream-data / at-spi2-atk / etc (CESA-2018:3140)

An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links ...

9.8CVSS6.7AI score0.04188EPSS
Exploits7References152
Cent OS
Cent OS
added 2018/11/15 6:43 p.m.809 views

PackageKit, accountsservice, adwaita, appstream, at, atk, baobab, bolt, brasero, cairo, cheese, clutter, compat, control, dconf, devhelp, ekiga, empathy, eog, evince, evolution, file, flatpak, folks, fontconfig, freetype, fribidi, fwupd, fwupdate, gcr, gdk, gdm, gedit, geoclue2, geocode, gjs, glade, glib, glib2, glibmm24, gnome, gnote, gobject, gom, google, grilo, gsettings, gspell, gssdp, gstreamer1, gtk, gtk3, gtksourceview3, gucharmap, gupnp, gvfs, harfbuzz, json, libappstream, libchamplain, libcroco, libgdata, libgee, libgepub, libgexiv2, libgnomekbd, libgovirt, libgtop2, libgweather, libgxps, libical, libmediaart, libosinfo, libpeas, librsvg2, libsecret, libsoup, libwayland, libwnck3, mozjs52, mutter, nautilus, openchange, osinfo, pango, poppler, python2, rest, rhythmbox, seahorse, shotwell, sushi, totem, upower, vala, valadoc, vino, vte, vte291, wayland, webkitgtk4, xdg, yelp, zenity security update

CentOS Errata and Security Advisory CESA-2018:3140 An update is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS7AI score0.13207EPSS
Exploits19References7
Tenable Nessus
Tenable Nessus
added 2018/05/17 12:0 a.m.39 views

Fedora 27 : libgxps (2018-46f3f13c68)

Add patch for CVE-2018-10767 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C...

6.5CVSS6.6AI score0.0227EPSS
Exploits2References3
OpenVAS
OpenVAS
added 2018/05/17 12:0 a.m.24 views

Fedora Update for libgxps FEDORA-2018-46f3f13c68

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.9AI score0.0227EPSS
Exploits2References2
OSV
OSV
added 2018/05/06 11:29 p.m.31 views

CVE-2018-10767

There is a stack-based buffer over-read in calling GLib in the function gxpsimagesguesscontenttype of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a ginputstreamread call. A crafted input will lead to a remote denial of service attack...

6.5CVSS6.7AI score
Exploits0References4
CVE
CVE
added 2018/05/06 11:0 p.m.196 views

CVE-2018-10767

CVE-2018-10767 is a vulnerability in libgxps up to version 0.3.0, caused by a stack-based buffer over-read in gxps_images_guess_content_type (gxps-images.c) when negative return values from g_input_stream_read are not rejected. A crafted input can trigger a remote denial of service. The connected...

6.5CVSS6.4AI score0.0227EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder