Oracle Linux 9 : openssh (ELSA-2026-6462)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-6462 advisory. 8.7p1-48.0.1 - Upstream references found with /usr/bin/ssh Orabug: 37814929 - upstream: fix AuthorizedPrincipalsCommand when AuthorizedKeysCommand Orabug:...

Security update for build

This update for build fixes the following issues: - CVE-2024-22038: Fixed DoS attacks, information leaks with crafted Git repositories bnc1230469 Other fixes: - Fixed behaviour when using "--shell" aka "osc shell" option in a VM build. Startup is faster and permissions stay intact now. fixes for...

Security Advisory - Connection Hijacking Vulnerability in Some Huawei Home Routers

A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.Vulnerability ID:HWPSIRT-2023-34408 This vulnerability has been assigned a CVEID:CVE-2023-52718...

SUSE-SU-2021:3486-1 Security update for python36

This update for python36 fixes the following issues: - Update to 3.6.15: - CVE-2021-3737: Fixed a DoS caused by infinitely reading potential HTTP headers after a 100 Continue status response from the server. bsc1189241 - CVE-2021-3426: Fixed an information disclosure via pydoc. bsc1183374 -...

SUSE: Security Advisory (SUSE-SU-2021:2771-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

KLA11829 Multiple vulnerabilities in Mozilla Thunderbird

Multiple vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Memory corruption vulnerability on JavaScript Objec...

OPENSUSE-SU-2019:2514-1 Security update for libtomcrypt

This update for libtomcrypt fixes the following issue: CVE-2019-17362: Fixed an improper detection of invalid UTF-8 sequences that could have led to DoS or information disclosure via crafted DER-encoded data bsc1153433. This update was imported from the SUSE:SLE-15:Update update project...

Security update for libtomcrypt (moderate)

openSUSE Security Update: Security update for libtomcrypt Announcement ID: openSUSE-SU-2019:2514-1 Rating: moderate References: 1153433 Cross-References: CVE-2019-17362 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

CVE-2018-1116

A flaw was found in polkit before version 0.116. The implementation of the polkitbackendinteractiveauthoritycheckauthorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and informati...

SUSE-SU-2017:1795-1 Security update for xen

This update for xen fixes several issues. These security issues were fixed: - CVE-2017-9503: The MegaRAID SAS 8708EM2 Host Bus Adapter emulation support was vulnerable to a null pointer dereference issue which allowed a privileged user inside guest to crash the Qemu process on the host resulting ...