2114 matches found
Debian DSA-4896-1 : wordpress - security update
Several vulnerabilities were discovered in WordPress, a web blogging tool. They allowed remote attackers to perform XML External Entity (XXE) attacks, and access private content. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
Security Bulletin: Resilient - Permitting use of outdated ciphers for SSH (CVE-2016-6063)
Summary: The default Debian Linux configuration of SSH includes outdated ciphers that...
Debian DSA-4868-1 : flatpak - security update
Anton Lydike discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could be bypassed via a malicious .desktop file. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
Debian DSA-4866-1 : thunderbird - security update
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4866. The text itself ...
Debian DSA-4852-1 : openvswitch - security update
Joakim Hindersson discovered that Open vSwitch, a software-based Ethernet virtual switch, allowed a malicious user to cause a denial-of-service by sending a specially crafted packet. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...
Debian DSA-4826-1 : nodejs - security update
Two vulnerabilities were discovered in Node.js, which could result in denial of service and potentially the execution of arbitrary code or HTTP request smuggling. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
Debian DSA-4822-1 : p11-kit - security update
David Cook reported several memory safety issues affecting the RPC protocol in p11-kit, a library providing a way to load and enumerate PKCS#11 modules. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4822. Th...
Debian DSA-4820-1 : horizon - security update
Pritam Singh discovered an open redirect in the workflow forms of OpenStack Horizon. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4820. The text itself is copyright (C) Software in the Public Interest, Inc...
Debian DSA-4816-1 : mediawiki - security update
Multiple security issues were discovered in MediaWiki, a website engine for collaborative work, which could result in cross-site scripting or the disclosure of hidden users. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...
Debian DSA-4801-1 : brotli - security update
A buffer overflow was discovered in Brotli, a generic-purpose lossless compression suite. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4801. The text itself is copyright (C) Software in the Public Interest,...
Debian DSA-4800-1 : libproxy - security update
Two vulnerabilities were discovered in libproxy, an automatic proxy configuration management library, which could result in denial of service, or possibly, execution of arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debi...
Debian DSA-4798-1 : spip - security update
It was discovered that SPIP, a website engine for publishing, did not correctly validate its input. This would allow authenticated users to execute arbitrary code. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
Debian LTS: Security Advisory for tcpflow (DLA-2468-1)
The remote host is missing an update for the Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
LifeRay 7.2.1 GA2 - Stored XSS
Exploit Title: LifeRay 7.2.1 GA2 - Stored XSS Date: 10/05/2020 Exploit Author: 3ndG4me Vendor Homepage: https://www.liferay.com/ Software Link: https://www.liferay.com/ Version: 7.1.0 - 7.2.1 GA2 REQUIRED Tested on: Debian Linux CVE : CVE-2020-7934 Public Exploit/Whitepaper:...
Debian DSA-4782-1 : openldap - security update
A vulnerability in the handling of normalization with modrdn was discovered in OpenLDAP, a free implementation of the Lightweight Directory Access Protocol. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash) via a specially crafted packet. (C) Tenab...
Debian DSA-4776-1 : mariadb-10.3 - security update
A security issue was discovered in the MariaDB database server. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4776. The text itself is copyright (C) Software in the Public Interest, Inc. include"compat.inc"; ...
Debian DSA-4765-1 : modsecurity - security update
Ervin Hegedues discovered that ModSecurity v3 enabled global regular expression matching which could result in denial of service. For additional information please refer to https://coreruleset.org/20200914/cve-2020-15598/ (C) Tenable Network Security, Inc. The descriptive text and package checks in...
Debian DSA-4754-1 : thunderbird - security update
Multiple security issues have been found in Thunderbird which could result in the execution of arbitrary code or the unintended installation of extensions. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4754...
Rails Action View Information Disclosure (CVE-2019-5418)
An information disclosure vulnerability exists in Debian Linux. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Debian DSA-4731-1 : redis - security update
An integer overflow flaw leading to a stack-based buffer overflow was discovered in redis, a persistent key-value database. A remote attacker can use this flaw to cause a denial of service (application crash). (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin...