59 matches found
Important: nss-util
Issue Overview: Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used. This vulnerability affects Firefox ESR 60.8, Firefox 68, and Thunderbird 60.8. CVE-2019-11729 A heap-based buffer overflow was...
Siemens (CVE-2019-11745)
When encrypting with a block cipher, if a call to NSCEncryptUpdate was made with data smaller than the block size, a small out of bounds write could occur. This could have caused heap corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 68.3, Firefox ESR 68.3, an...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.17)
The version of AOS installed on the remote host is prior to 5.17. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.17 advisory. - A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The...
Security Bulletin: IBM QRadar SIEM Application Framework v1 (CentOS6) is End of Life
Summary IBM QRadar SIEM's App Framework V1, based on CentOS 6, contains known vulnerabilities and is based on technologies that are no longer being supported. Vulnerability Details CVEID: CVE-2019-9636 DESCRIPTION: Python urllib.parse.urlsplit and urllib.parse.urlparse components could allow a...
Mozilla Firefox Security Advisory (MFSA2019-36) - Linux
This host is missing a security update for Mozilla Firefox. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
SUSE SLES11 Security Update : MozillaFirefox, mozilla-nspr, mozilla-nss (SUSE-SU-2019:14260-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14260-1 advisory. - When encrypting with a block cipher, if a call to NSCEncryptUpdate was made with data smaller than the block size, a small out of bounds wri...
SUSE: Security Advisory (SUSE-SU-2019:14260-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:3337-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:3395-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0088-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2019:3347-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DLA-2388-1 : nss security update
Various vulnerabilities were fixed in nss, the Network Security Service libraries. CVE-2018-12404 Cache side-channel variant of the Bleichenbacher attack. CVE-2018-18508 NULL pointer dereference in several CMS functions resulting in a denial of service. CVE-2019-11719 Out-of-bounds read when...
Debian: Security Advisory (DLA-2388-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Security Privileged Identity Manager is affected by security vulnerabilities
Summary IBM Security Privileged Identity Manager has addressed an issue for nss-softokn as follows. Vulnerability Details CVEID: CVE-2019-11745 DESCRIPTION: Mozilla Network Security Services NSS, as used in Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system,...
Security Bulletin: IBM MQ Appliance is affected by Network Security Services (NSS) vulnerabilities (CVE-2019-11729 and CVE-2019-11745)
Summary IBM MQ Appliance has addressed the following Network Security Services vulnerabilities. Vulnerability Details CVEID: CVE-2019-11729 DESCRIPTION: Mozilla Firefox is vulnerable to a denial of service, caused by the improper validation of empty or malformed p256-ECDH public keys before being...
Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to security vulnerabilities (CVE-2019-11729, CVE-2019-11745)
Summary IBM has announced a release for IBM Security Identity Governance and Intelligence IGI in response to security vulnerabilities. Mozilla Firefox is vulnerable to a denial of service and Mozilla Network Security Services NSS, as used in Mozilla Firefox could allow a remote attacker to execut...
Ubuntu: Security Advisory (USN-4335-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : nss-softokn (RHSA-2020:1461)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1461 advisory. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Security Fixes: nss: Out-of-bounds write when...
Important: Red Hat Security Advisory: nss-softokn security update
An update for nss-softokn is now available for Red Hat Enterprise Linux 7.4 Advanced Update Support, Red Hat Enterprise Linux 7.4 Telco Extended Update Support, and Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security...
RHEL 7 : nss-softokn (RHSA-2020:1267)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:1267 advisory. The nss-softokn package provides the Network Security Services Softoken Cryptographic Module. Security Fixes: nss: Out-of-bounds write when...