Ubuntu 20.04 LTS : GNU binutils vulnerability (USN-6160-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6160-1 advisory. It was discovered that GNU binutils incorrectly performed bounds checking operations when parsing stabs debugging information. An attacker could possibly use this...

Anevia Flamingo XS 3.6.5 Authenticated Root Remote Code Execution

Anevia Flamingo XS 3.6.5 Authenticated Root Remote Code Execution Vendor: Ateme Product web page: https://www.ateme.com Affected version: 3.6.5 Hardware revision: 1.1 SoapLive 2.4.0 SoapSystem 1.3.1 Summary: Flamingo XL, a new modular and high-density IPTV head-end product for hospitality and...

Anevia Flamingo XS 3.6.5 Authenticated Root Remote Code Execution Vulnerability

Anevia Flamingo XS version 3.6.5 suffers from an authenticated remote code execution vulnerability. A remote attacker can exploit this issue and execute arbitrary system commands granting her system access with root privileges. Anevia Flamingo XS 3.6.5 Authenticated Root Remote Code Execution...

Huawei EulerOS: Security Advisory for libtasn1 (EulerOS-SA-2023-2225)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2023-2237)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2023-2207)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 37 : less (2023-71442d7613)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-71442d7613 advisory. Security fix for CVE-2022-46663 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...

Anevia Flamingo XS 3.6.5 Authenticated Root Remote Code Execution

Summary Flamingo XL, a new modular and high-density IPTV head-end product for hospitality and corporate markets. Flamingo XL captures live TV and radio content from satellite, cable, digital terrestrial and analog sources before streaming it over IP networks to STBs, PCs or other IP-connected...

Anevia Flamingo XL 3.6.20 Authenticated Root Remote Code Execution

Summary Flamingo XL, a new modular and high-density IPTV head-end product for hospitality and corporate markets. Flamingo XL captures live TV and radio content from satellite, cable, digital terrestrial and analog sources before streaming it over IP networks to STBs, PCs or other IP-connected...

Anevia Flamingo XL 3.2.9 (login) Remote Root Jailbreak

Summary Flamingo XL, a new modular and high-density IPTV head-end product for hospitality and corporate markets. Flamingo XL captures live TV and radio content from satellite, cable, digital terrestrial and analog sources before streaming it over IP networks to STBs, PCs or other IP-connected...

Anevia Flamingo XL/XS 3.6.x Default/Hard-coded Credentials

Summary Flamingo XL, a new modular and high-density IPTV head-end product for hospitality and corporate markets. Flamingo XL captures live TV and radio content from satellite, cable, digital terrestrial and analog sources before streaming it over IP networks to STBs, PCs or other IP-connected...

Huawei EulerOS: Security Advisory for libtasn1 (EulerOS-SA-2023-2156)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AZL-52827 CVE-2023-29405 affecting package golang for versions less than 1.20.7-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

AZL-79012 CVE-2023-29405 affecting package golang 1.25.7-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

AZL-27123 CVE-2023-29405 affecting package msft-golang for versions less than 1.20.7-1

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

UBUNTU-CVE-2023-29405

The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a "cgo LDFLAGS" directive. Flags containing...

Security Bulletin: CVE-2022-48303 may affect IBM CICS TX Advanced 10.1

Summary CVE-2022-48303 may affect IBM CICS TX Advanced 10.1. IBM CICS TX Advanced 10.1 has addressed the applicable CVE. Vulnerability Details CVEID:CVE-2022-48303 DESCRIPTION: GNU Tar is vulnerable to a heap-based buffer overflow, caused by an out-of-bounds read in the fromheader function in...

EulerOS 2.0 SP8 : tar (EulerOS-SA-2023-2198)

According to the versions of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change th...

Security Bulletin: IBM Planning Analytics Workspace has addressed a vulnerability in GNU zlib (CVE-2022-37434)

Summary IBM Planning Analytics Workspace is vulnerable to a heap-based overlow in GNU zlib . GNU zlib has been upgraded in IBM Planning Analytics Workspace. Vulnerability Details CVEID:CVE-2022-37434 DESCRIPTION: zlib is vulnerable to a heap-based buffer overflow, caused by improper bounds checki...

EulerOS Virtualization 2.11.1 : emacs (EulerOS-SA-2023-2068)

According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...