Journyx Reflected Cross Site Scripting
Vulnerability Details. Affected Vendor: Journyx; Affected Product: Journyx jtime; Affected Version: 11.5.4; Platform: GNU/Linux; CWE Classification: CWE-81: Improper Neutralization of Script in an Error Message Web Page; CVE ID: CVE-2024-6892. 2. Vulnerability Description: Attackers can craft a...
RHEL 8 : wget (RHSA-2024:4998)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:4998 advisory. The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fixes: wget: Misinterpretation of input ma...
Fedora: Security Advisory (FEDORA-2024-f02d23b92b)
The remote host is missing an update for the...
Security Bulletin: IBM Storage Ceph is vulnerable to an Out-of-bounds Write in the RHEL UBI (CVE-2024-2961)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-2961. Vulnerability Details CVEID:CVE-2024-2961 DESCRIPTION: GNU C Library is vulnerable to a denial of service, caused by a...
ROS-20240805-08
A vulnerability in the golang package of the Debian GNU/Linux operating system is related to a lack of protection for service data. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive information. A vulnerability in the golang package of the...
Moderate: Red Hat Security Advisory: emacs security update
An update for emacs is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service. Red Hat Product Security has rated this update as...
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.5.6.5)
The version of AOS installed on the remote host is prior to 6.5.6.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.5.6.5 advisory. - Certain DNSSEC aspects of the DNS protocol in RFC 4033, 4034, 4035, 6840, and related RFCs allow remote attackers to cause ...
RHEL 8 : emacs (RHSA-2024:4971)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:4971 advisory. GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the...
ROS-20240730-15
A vulnerability in the dstring.c component of the Debian GNU/Linux operating system cpio package is caused by an integer overflow. Exploitation of the vulnerability could allow an attacker to cause a stack overflow via a generated file...
[SECURITY] Fedora 39 Update: exim-4.98-1.fc39
Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
[SECURITY] Fedora 40 Update: exim-4.98-1.fc40
Exim is a message transfer agent (MTA) developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...
USN-6755-1: GNU cpio vulnerabilities | Cloud Foundry
Severity: Medium. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 22.04. Description: Ingo Brückl discovered that cpio contained a path traversal vulnerability. If a user or automated system were tricked into extracting a specially crafted cpio archive, an attacker could possibly use this...
[SECURITY] Fedora 40 Update: xmedcon-0.24.0-1.fc40
This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...
[SECURITY] Fedora 39 Update: xmedcon-0.24.0-1.fc39
This project stands for Medical Image Conversion and is released under the GNU's LGPL license. It bundles the C source code, a library, a flexible command-line utility and a graphical front-end based on the amazing Gtk+ toolkit. Its main purpose is image conversion while preserving valuable medic...
Amazon Linux 2023 : wget (ALAS2023-2024-657)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-657 advisory. url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent i...
Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2024-2028)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP9 : telnet (EulerOS-SA-2024-1948)
According to the versions of the telnet package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. ...
EulerOS 2.0 SP9 : telnet (EulerOS-SA-2024-1975)
According to the versions of the telnet package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : telnetd in GNU Inetutils through 2.3, MIT krb5-appl through 1.0.3, and derivative works has a NULL pointer dereference via 0xff 0xf7 or 0xff 0xf8. ...
Huawei EulerOS: Security Advisory for telnet (EulerOS-SA-2024-1948)
The remote host is missing an update for the Huawei EulerOS...
OESA-2024-1845 glibc security update
The GNU C Library project provides the core libraries for the GNU system and GNU/Linux systems, as well as many other systems that use Linux as the kernel. These libraries provide critical APIs including ISO C11, POSIX.1-2008, BSD, OS-specific APIs and more. These APIs include such foundational...