30 matches found
Security Bulletin: QRadar Suite Software includes components with multiple known vulnerabilities
Summary QRadar Suite Software includes components with known vulnerabilities. These have been addressed in the update. Vulnerability Details CVEID:CVE-2023-43804 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn't treat the Cookie HTTP header special or provide...
SUSE: Security Advisory (SUSE-SU-2018:0308-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0260-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Slackware 14.2 / current : gd (SSA:2020-083-01)
New gd packages are available for Slackware 14.2 and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2020-083-01. The text itself is copyright C Slackware Linux, Inc...
Moderate: Red Hat Security Advisory: rh-php71-php security, bug fix, and enhancement update
An update for rh-php71-php is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...
[SECURITY] [DLA 1651-1] libgd2 security update
Package : libgd2 Version : 2.1.0-5+deb8u12 CVE ID : CVE-2018-5711 CVE-2018-1000222 CVE-2019-6977 CVE-2019-6978 Several issues in libgd2, a graphics library that allows to quickly draw images, have been found. CVE-2019-6977 A potential double free in gdImagePtr has been reported by Solmaz Salimi...
Debian: Security Advisory (DLA-1651-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Code injection
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
SUSE SLES12 Security Update : php7 (SUSE-SU-2018:0308-1)
This update for php7 fixes several issues. These security issues were fixed : - CVE-2018-5712: Prevent reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file that allowed for information disclosure bsc1076220. - CVE-2018-5711: Prevent integer signedness error that coul...
Ubuntu: Security Advisory (USN-3755-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for gd FEDORA-2018-bb7f3f7ecf
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Updated libgd packages fix security vulnerabilities
The updated packages fix security vulnerabilities: gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : GD vulnerabilities (USN-3755-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3755-1 advisory. It was discovered that GD incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code...
USN-3755-1: GD vulnerabilities
It was discovered that GD incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. CVE-2018-1000222 It was discovered that GD incorrectly handled certain GIF files. An attacker could possibly use this issue to cause a denial of service. CVE-2018-571...
Fedora 26 : gd (2018-331af74020)
Fix CVE-2018-5711 - Potential infinite loop in gdImageCreateFromGifCtx Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducin...
Fedora 27 : gd (2018-ba81e4e4a0)
Fix CVE-2018-5711 - Potential infinite loop in gdImageCreateFromGifCtx Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducin...
SUSE SLES11 Security Update : php53 (SUSE-SU-2018:0806-1)
This update for php53 fixes several issues. These security issues were fixed : - CVE-2016-10712: In PHP all of the return values of streamgetmetadata could be controlled if the input can be controlled e.g., during file uploads. bsc1080234 - CVE-2018-5712: Prevent reflected XSS on the PHAR 404 err...
Amazon Linux AMI : php56 / php70,php71 (ALAS-2018-946)
Reflected XSS in .phar 404 page An issue was discovered in PHP; there is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. CVE-2018-5712 Denial of Service DoS via infinite loop in libgd gdImageCreateFromGifCtx function in ext/gd/libgd/gdgifin.c The gdgifin.c file...
Medium: php56, php70, php71
Issue Overview: Reflected XSS in .phar 404 page An issue was discovered in PHP; there is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file. CVE-2018-5712 Denial of Service DoS via infinite loop in libgd gdImageCreateFromGifCtx function in ext/gd/libgd/gdgifin.c Th...
Slackware 14.0 / 14.1 / 14.2 / current : php (SSA:2018-034-01)
New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2018-034-01. The text itself is copyright C Slackware Linux,...