SUSE SLED15 / SLES15 Security Update : openssl-1_1 (SUSE-SU-2019:0678-1)
This update for openssl-1_1 (OpenSSL Security Advisory, 6 March 2019) fixes the following issues: Security issue fixed: CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes (bsc#1128189). Other issues addressed: Fixed a segfault in...
OPENSUSE-SU-2019:0204-1 Security update for chromium
This update for Chromium to version 72.0.3626.96 fixes the following issues: Security issues fixed (bsc#1123641 and bsc#1124936): - CVE-2019-5784: Inappropriate implementation in V8. - CVE-2019-5754: Inappropriate implementation in QUIC Networking. - CVE-2019-5782: Inappropriate implementation in V8. ...
SMS-Stack - Framework to provide TCP/IP based characteristics to the GSM Short Message Service
Sms Stack is a framework to provide TCP/IP based characteristics to the GSM Short Message Service. This framework works in multiple environments to provide a full stack integration in a service. The main layer features techniques to control the order and the number of SMS for a given stream, an...
CVE-2019-7222
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak...
Design/Logic Flaw
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak...
CVE-2018-16789
libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing logic. By sending a crafted multipart/form-data HTTP request, an attacker could exploit this to force shellinaboxd into an infinite loop, exhausting available CPU resources and taking the service down...
SUSE-SU-2019:0678-1 Security update for openssl-1_1
This update for openssl-1_1 (OpenSSL Security Advisory, 6 March 2019) fixes the following issues: Security issue fixed: - CVE-2019-1543: Fixed an implementation error in ChaCha20-Poly1305 where it was allowed to set IV with more than 12 bytes (bsc#1128189). Other issues addressed: - Fixed a segfault in...
PuTTY memory overwrite vulnerability
PuTTY is a free implementation of SSH and Telnet for Windows and Unix platforms and an xterm terminal emulator. A memory overwrite vulnerability exists in PuTTY versions prior to 0.71. A remote attacker can exploit this vulnerability to overwrite memory...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3910-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3910-1 advisory. It was discovered that the f2fs filesystem implementation in the Linux kernel did not handle the noflush_merge mount option correctly. An attacker could u...
[SECURITY] Fedora 29 Update: advancecomp-2.1-9.fc29
AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP files. The main features are: Recompress ZIP, PNG and MNG files using the Deflate 7-Zip implementation. Recompress MNG files using Delta and Move optimization. This package contains: advzip - Recompression and test utility...
[SECURITY] [DLA 1715-1] linux-4.9 security update
Package : linux-4.9 Version : 4.9.144-3.1deb8u1 CVE ID : CVE-2017-18249 CVE-2018-1128 CVE-2018-1129 CVE-2018-3639 CVE-2018-5391 CVE-2018-5848 CVE-2018-6554 CVE-2018-12896 CVE-2018-13053 CVE-2018-13096 CVE-2018-13097 CVE-2018-13100 CVE-2018-13406 CVE-2018-14610 CVE-2018-14611 CVE-2018-14612...
Important: Red Hat Security Advisory: .NET Core on Red Hat Enterprise Linux security update for March 2019
Updates for rh-dotnetcore10-dotnetcore, rh-dotnetcore11-dotnetcore, rh-dotnet21-dotnet, and rh-dotnet22-dotnet are now available for .NET Core on Red Hat Enterprise Linux. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Syste...
Microsoft Internet Explorer CustomEvent Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Debian: Security Advisory (DSA-4403-1)
The remote host is missing an update for the Debian...
Google Chrome < M72 - PaymentRequest Service Use-After-Free Exploit
There are several object-lifetime issues in the browser process in the implementation of payments.mojom.PaymentRequest. The PaymentRequest object contains a std::unique_ptr to a PaymentRequestSpec, which is initialised during the ca...
Moderate: Red Hat Security Advisory: chromium-browser security update
An update for chromium-browser is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...
chromium-browser: Inappropriate implementation in V8
Incorrect handling of deferred code in V8 in Google Chrome prior to 72.0.3626.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Command injection
In Signiant Manager+Agents before 13.5, the implementation of the set command has a Buffer Overflow...
[SECURITY] Fedora 29 Update: createrepo_c-0.12.1-1.fc29
C implementation of Createrepo. A set of utilities (createrepo_c, mergerepo_c, modifyrepo_c) for generating a common metadata repository from a directory of rpm packages and maintaining it...