86 matches found
MiracleLinux 7 : firefox-68.6.0-1.0.1.el7.AXS7 (AXSA:2020-4500:06)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-4500:06 advisory. Mozilla: Use-after-free when removing data about origins CVE-2020-6805 Mozilla: BodyStream::OnInputStreamReady was missing protections against state...
CBL Mariner 2.0 Security Update: usrsctp (CVE-2019-20503)
The version of usrsctp installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-20503 advisory. - usrsctp before 2019-12-20 has out-of-bounds reads in sctploadaddressesfrominit. CVE-2019-20503 Note that...
RHEL 5 : usrsctp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - usrsctp: Buffer overflow in AUTH chunk input validation CVE-2020-6831 - usrsctp before 2019-12-20 has...
Oracle Linux 6 : thunderbird (ELSA-2020-0914)
The remote Oracle Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-0914 advisory. 68.6.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 68.6.0-1 - Update to 68.6.0 build2 Tenable has...
Debian dla-3481 : libusrsctp-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3481 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3481-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 3481-1] libusrsctp security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3481-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès July 06, 2023 https://wiki.debian.org/LTS -...
CVE-2019-20503 affecting package usrsctp for versions less than 0.9.5.0-1
CVE-2019-20503 affecting package usrsctp for versions less than 0.9.5.0-1. A patched version of the package is available...
Mageia: Security Advisory (MGASA-2020-0142)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mageia: Security Advisory (MGASA-2020-0141)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2020:14312-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2020:14312-1 advisory. - usrsctp before 2019-12-20 has out-of-bounds reads in sctploadaddressesfrominit. CVE-2019-20503 - When removing data about an origin whose ta...
SUSE: Security Advisory (SUSE-SU-2020:0686-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:14312-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:0717-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : firefox (CESA-2020:0820)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2020:0820 advisory. - usrsctp: Out of bounds reads in sctploadaddressesfrominit CVE-2019-20503 - Mozilla: Use-after-free when removing data about origins CVE-2020-6805 -...
Amazon Linux 2 : thunderbird (ALAS-2020-1414)
The version of thunderbird installed on the remote host is prior to 68.6.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1414 advisory. The Mozilla Foundation Security Advisory describes this flaw as: When removing data about an origin whose tab was...
Important: thunderbird
Issue Overview: The Mozilla Foundation Security Advisory describes this flaw as: When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable crash. CVE-2020-6805 The Mozilla Foundation Security Advisor...
Ubuntu: Security Advisory (USN-4335-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 18.04 LTS : Thunderbird vulnerabilities (USN-4328-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4328-1 advisory. It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information...
Ubuntu: Security Advisory (USN-4328-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-4328-1: Thunderbird vulnerabilities
It was discovered that Message ID calculation was based on uninitialized data. An attacker could potentially exploit this to obtain sensitive information. CVE-2020-6792 Mutiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message, an...