12 matches found
Debian DSA-4931-1 : xen - security update
Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service or information leaks. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4931. The...
Debian DSA-4868-1 : flatpak - security update
Anton Lydike discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could be bypassed via a malicious .desktop file. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
Debian DSA-4866-1 : thunderbird - security update
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4866. The text itself ...
Debian DSA-4852-1 : openvswitch - security update
Joakim Hindersson discovered that Open vSwitch, a software-based Ethernet virtual switch, allowed a malicious user to cause a denial-of-service by sending a specially crafted packet. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
Debian DSA-4822-1 : p11-kit - security update
David Cook reported several memory safety issues affecting the RPC protocol in p11-kit, a library providing a way to load and enumerate PKCS11 modules. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4822. Th...
Debian DSA-4820-1 : horizon - security update
Pritam Singh discovered an open redirect in the workflow forms of OpenStack Horizon. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4820. The text itself is copyright C Software in the Public Interest, Inc...
Debian DSA-4800-1 : libproxy - security update
Two vulnerabilities were discovered in libproxy, an automatic proxy configuration management library, which could result in denial of service, or possibly, execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debi...
Debian DSA-4782-1 : openldap - security update
A vulnerability in the handling of normalization with modrdn was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can use this flaw to cause a denial of service slapd daemon crash via a specially crafted packet. C Tenab...
Debian DSA-4776-1 : mariadb-10.3 - security update
A security issue was discovered in the MariaDB database server. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4776. The text itself is copyright C Software in the Public Interest, Inc. include"compat.inc"; ...
Debian DSA-4765-1 : modsecurity - security update
Ervin Hegedues discovered that ModSecurity v3 enabled global regular expression matching which could result in denial of service. For additional information please refer to https://coreruleset.org/20200914/cve-2020-15598/ C Tenable Network Security, Inc. The descriptive text and package checks in...
Debian DSA-4610-1 : webkit2gtk - security update
The following vulnerabilities have been discovered in the webkit2gtk web engine : - CVE-2019-8835 An anonymous researcher discovered that maliciously crafted web content may lead to arbitrary code execution. - CVE-2019-8844 William Bowling discovered that maliciously crafted web content may lead ...
Debian DSA-4486-1 : openjdk-11 - security update
Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in information disclosure, denial of service or bypass of sandbox restrictions. In addition the implementation of elliptic curve cryptography was modernised. C Tenable Network Security, Inc. The descriptive text a...