Debian: Security Advisory (DSA-4417-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 4411-1] firefox-esr security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4411-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff March 20, 2019 https://www.debian.org/security/faq -...

Google Chrome Security Updates (stable-channel-update-for-desktop_12-2019-03) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

CVE-2019-9581

phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension...

Default credentials

phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension...

CVE-2019-9581

phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension...

Debian DSA-4392-1 : thunderbird - security update

Multiple security issues have been found in the Thunderbird mail client, which could lead to the execution of arbitrary code, denial of service or spoofing of S/MIME signatures. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

Cisco Prime Infrastructure swimtemp TFTP Arbitrary File Upload (CVE-2018-15379)

An arbitrary file upload vulnerability exists in Cisco Prime Infrastructure. The vulnerability is due to the presence of a symbolic link permitting the upload of files into a location where they can be later executed. Successful exploitation could result in the execution of arbitrary code in the...

Debian DLA-1649-1 : spice security update

Christophe Fergeau discovered an out-of-bounds read vulnerability in spice, a SPICE protocol client and server library, which might result in denial of service spice server crash, or possibly, execution of arbitrary code. For Debian 8 'Jessie', this problem has been fixed in version...

[SECURITY] [DSA 4375-1] spice security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4375-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso January 29, 2019 https://www.debian.org/security/faq -...

Debian DSA-4368-1 : zeromq3 - security update

Guido Vranken discovered that an incorrect bounds check in ZeroMQ, a lightweight messaging kernel, could result in the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4368. The te...

Debian: Security Advisory (DLA-1605-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 7 : glusterfs (CESA-2018:2607)

Updated glusterfs packages that fix multiple security issues and bugs, and add various enhancements are now available for Red Hat Gluster Storage 3.4 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability...

Debian DSA-4333-1 : icecast2 - security update

Nick Rolfe discovered multiple buffer overflows in the Icecast multimedia streaming server which could result in the execution of arbitrary code. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4333. The text...

Ubuntu: Security Advisory (USN-3765-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-4310-1 : firefox-esr - security update

Two security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code inside the sandboxed content process. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Securi...

CVE-2018-16657

In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcittstringarray core function for calculating a CRC hash for To tags. An additional error is present ...

Debian: Security Advisory (DLA-1425-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-7467

A buffer overflow flaw was found in the way minicom before version 2.7.1 handled VT100 escape sequences. A malicious terminal device could potentially use this flaw to crash minicom, or execute arbitrary code in the context of the minicom process...

Ubuntu: Security Advisory (USN-3707-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...