15 matches found
openSUSE 16 Security Update : frr (openSUSE-SU-2026:20682-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20682-1 advisory. Security issues: - CVE-2025-61099: NULL Pointer Dereference in FRRouting bsc1252838. - CVE-2025-61100: NULL Pointer Dereference in FRRouting...
SUSE-SU-2026:21550-1 Security update for frr
This update for frr fixes the following issues: Security issues: - CVE-2025-61099: NULL Pointer Dereference in FRRouting bsc1252838. - CVE-2025-61100: NULL Pointer Dereference in FRRouting bsc1252829. - CVE-2025-61101: NULL Pointer Dereference in FRRouting bsc1252833. - CVE-2025-61102: NULL Point...
EUVD-2021-17077
Malware in sbrugna...
EUVD-2004-1401
Malware in sbrugna...
[slackware-security] php
New php packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: extra/php81/php81-8.1.33-i586-1slack15.0.txz: Upgraded. This update fixes security issues: PGSQL: Fixed pgsql extension does not check for errors during...
CVE-2023-35169
PHP-IMAP is a wrapper for common IMAP communication without the need to have the php-imap module installed / enabled. Prior to version 5.3.0, an unsanitized attachment filename allows any unauthenticated user to leverage a directory traversal vulnerability, which results in a remote code executio...
youtube-dl vulnerable to file system modification and RCE through improper file-extension sanitization
Description This advisory follows the security advisory GHSA-79w7-vh3h-8g4j published by the yt-dlp/yt-dlp project to aid remediation of the issue in the ytdl-org/youtube-dl project. Vulnerability youtube-dl does not limit the extensions of downloaded files, which could lead to arbitrary filename...
RHEL 5 : libfs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libFS: Sign extension issues resulting in heap-based buffer overflow CVE-2013-1996 Note that Nessus has not tested...
OPENSUSE-SU-2024:0128-1 Security update for opera
This update for opera fixes the following issues: - Update to 110.0.5130.23 CHR-9706 Update Chromium on desktop-stable-124-5130 to 124.0.6367.62 DNA-116450 Promote 110 to stable - Complete Opera 110 changelog at: https://blogs.opera.com/desktop/changelog-for-110/ - The update to chromium...
CVE-2023-35844
packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure that an intended file extension .csv or .png is used...
PT-2023-33898 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.15 Description: The issue is related to extending a file within the last block. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v6.0.1...
MGASA-2020-0119 Updated php packages fix bugs and security vulnerabilities
Updated php packages fix bugs and security vulnerabilities: Core: - Fixed bug 71876 Memory corruption htmlspecialchars: charset ' not supported. - Fixed bug 79146 cscript can fail to run on some systems. - Fixed bug 78323 Code 0 is returned on invalid options. - Fixed bug 76047 Use-after-free whe...
SUSE-SU-2019:1461-1 Security update for php7
This update for php7 fixes the following issues: Security issues fixed: - CVE-2019-9637: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension bsc1128892. - CVE-2019-9675: Fixed improper implementation of rename function and multiple invalid memory...
FreeBSD : xorg -- protocol handling issues in X Window System client libraries (2eebebff-cd3b-11e2-8f09-001b38c3836c)
freedesktop.org reports : Ilja van Sprundel, a security researcher with IOActive, has discovered a large number of issues in the way various X client libraries handle the responses they receive from servers, and has worked with X.Org's security team to analyze, confirm, and fix these issues. Most...
CVE-2004-1405
MediaWiki 1.3.8 and earlier, when used with Apache modmime, does not properly handle files with two file extensions, such as .php.rar, which allows remote attackers to upload and execute arbitrary code...