461 matches found
BIT-ACTIVEMQ-2020-11998
A regression has been introduced in the commit preventing JMX re-bind. By passing an empty environment map to RMIConnectorServer, instead of the map that contains the authentication credentials, it leaves ActiveMQ open to the following attack:...
EUVD-2016-10193
Malware in sbrugna...
EUVD-2006-6792
Malware in sbrugna...
EUVD-2017-17147
Malware in sbrugna...
CVE-2024-53969
Adobe Experience Manager versions 6.5.21 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be exploited to execute arbitrary code in the context of the victim's browser session. By manipulating the DOM environment in the victim's browser, a low privileged...
CentOS 7 : tigervnc (RHSA-2024:2080)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2080 advisory. - A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents function. This issue occurs when byte-swapped...
Debian dsa-5775 : chromium - security update
The remote Debian 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5775 advisory. - Debian Security Advisory DSA-5775-1 https://www.debian.org/securit...
Apple Safari Security Update (HT121241)
Apple Safari is prone to multiple vulnerabilities. CPE = "cpe:/a:apple:safari"...
[SECURITY] [DSA 5757-1] chromium security update
Debian Security Advisory DSA-5757-1 https://www.debian.org/security/ Andres Salomon August 23, 2024 https://www.debian.org/security/faq -...
RHEL 5 : libx11 (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libX11: Out of Bounds write in XListExtensions in ListExt.c (CVE-2018-14600) - Multiple integer overflows i...
RHEL 5 : openssl (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssl: doapr_outch function does not verify that certain memory allocation succeeds (CVE-2016-2842) -...
CVE-2024-3907
CVE-2024-3907 affects Tenda AC500 2.0.1.9(1307). The vulnerability is in the formSetCfm function of /goform/setcfm, where manipulating the funcpara1 argument triggers a stack-based buffer overflow. It is a network‑bound issue with remote potential; the exploit has been disclosed publicly. Public ...
Adobe Commerce Input Validation Error Vulnerability (CNVD-2024-19008)
Adobe Commerce is a global digital commerce solution for businesses and brands from the US company Adobe. Adobe Commerce has an input validation error vulnerability that stems from incorrect input validation, which could lead t...
Security Bulletin: IBM Informix archecker, cdr, and onsmsync are vulnerable to heap buffer overflow.
Summary: IBM Informix archecker, cdr, and onsmsync are vulnerable to heap buffer overflow when invoked with invalid parameters. Vulnerability Details: CVEID: CVE-2023-28527. DESCRIPTION: IBM Informix cdr is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow a...
[SECURITY] [DLA 3747-1] firefox-esr security update
Debian LTS Advisory DLA-3747-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort March 04, 2024 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 3727-1] firefox-esr security update
Debian LTS Advisory DLA-3727-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort January 31, 2024 https://wiki.debian.org/LTS -...
[SECURITY] [DLA 3661-1] firefox-esr security update
Debian LTS Advisory DLA-3661-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort November 23, 2023 https://wiki.debian.org/LTS -...
Ubuntu: Security Advisory (USN-6479-1)
The remote host is missing an update for the...
[SECURITY] [DLA 3632-1] firefox-esr security update
Debian LTS Advisory DLA-3632-1 https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 27, 2023 https://wiki.debian.org/LTS -...
Ubuntu 16.04 ESM : FFmpeg vulnerabilities (USN-5167-1)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5167-1 advisory. It was discovered that FFmpeg did not properly verify certain input when processing video and audio files. An attacker could possibly use this to send...