15 matches found
CVE-2023-50304
IBM Engineering Requirements Management DOORS Web Access 9.7.2.8 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 273335...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 : YAML::Syck vulnerability (USN-7844-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 / 25.10 host has a package installed that is affected by a vulnerability as referenced in the USN-7844-1 advisory. It was discovered that YAML::Syck did not properly handle parsing YAML files. An attacker could...
USN-5501-1 python-django vulnerability
It was discovered that Django incorrectly handled certain SQL. An attacker could possibly use this issue to expose sensitive information...
Fortinet FortiOS security vulnerability
Fortinet FortiOS is a security operating system from Fortinet that is dedicated to the FortiGate network security platform. The system provides users with a variety of security features such as firewall, anti-virus, IPSec/SSLVPN, Web content filtering and anti-spam. Fortinet FortiOS has a security...
Ubuntu 16.04 LTS : icoutils vulnerabilities (USN-4695-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4695-1 advisory. Choongwoo Han discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execu...
USN-4613-1 python-cryptography vulnerability
Hubert Kario discovered that python-cryptography incorrectly handled certain decryption. An attacker could possibly use this issue to expose sensitive information...
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-4368-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4368-1 advisory. Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this t...
Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-4345-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4345-1 advisory. Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondar...
Ubuntu 16.04 LTS / 18.04 LTS : PHP vulnerabilities (USN-4330-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4330-1 advisory. It was discovered that PHP incorrectly handled certain file uploads. An attacker could possibly use this issue to cause a crash. CVE-2020-706...
USN-4157-1: Linux kernel vulnerabilities
Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. CVE-2019-14814, CVE-2019-14815,...
Ubuntu 16.04 LTS / 18.04 LTS : PostgreSQL vulnerabilities (USN-4090-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4090-1 advisory. Tom Lane discovered that PostgreSQL did not properly restrict functions declared as SECURITY DEFINER. An attacker could use this to execute...
Ubuntu 18.04 LTS : Linux kernel (AWS, GCP, KVM, OEM, Raspberry Pi 2) vulnerabilities (USN-3871-3)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3871-3 advisory. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to...
Security Bulletin: Vulnerability in IBM InfoSphere Information Server installer could expose sensitive information (CVE-2015-1901)
Summary: IBM InfoSphere Information Server could allow a local user under special circumstances to execute commands during installation processes that could expose sensitive information. Vulnerability Details: CVE-ID: CVE-2015-1901. DESCRIPTION: IBM InfoSphere Information Server could allow a local...
USN-3663-1 haproxy vulnerability
It was discovered that HAProxy incorrectly handled certain requests. An attacker could possibly use this to expose sensitive information...
Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerabilities (USN-2948-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-2948-1 advisory. Ralf Spenneberg discovered that the USB driver for Clie devices in the Linux kernel did not properly validate the endpoints reported by the device. An...