11 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-5741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - To provide fine-grained controls over the ability to use Dynamic DNS (DDNS) to update records in a zone, BIND 9 provides a feature called update-policy. Various...
RHEL 7 : tomcat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: XSS in SSI printenv (CVE-2019-0221) - The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14,...
Arbitrary Code Execution
Apache airflow hdfs provider package is found to be vulnerable to code execution. Incorrect documentation points users to install an incorrect pip package. Since this package is unverified, an attacker can claim this package and provide code that would be executed when this package was installed...
Advisory ROSA-SA-2021-1924
Software: mpfr 3.1.1 OS: Cobalt 7.9 CVE-ID: CVE-2014-9474 CVE-Crit: CRITICAL CVE-DESC: Buffer overflow in mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-sensitive attackers to have undefined impact via vectors associated with incorrect documentation for mpn_set_str. CVE-STATUS:...
EulerOS 2.0 SP5 : bind (EulerOS-SA-2019-2128)
According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - 'managed-keys' is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for us...
Amazon Linux AMI : tomcat80 (ALAS-2018-973)
Incorrect documentation of CGI Servlet search algorithm may lead to misconfiguration : As part of the fix for bug 61201, the documentation for Apache Tomcat included an updated description of the search algorithm used by the CGI Servlet to identify which script to execute. The update was not...
CVE-2014-9474
Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str...
Buffer overflow
Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str...
CVE-2014-9474
Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str...
CVE-2014-9474
Buffer overflow in the mpfr_strtofr function in GNU MPFR before 3.1.2-p11 allows context-dependent attackers to have unspecified impact via vectors related to incorrect documentation for mpn_set_str...
MGASA-2015-0021 Updated mpfr packages fix CVE-2014-9474
Updated mpfr packages fix security vulnerability: A buffer overflow was reported in mpfr. This is due to incorrect GMP documentation for mpn_set_str about the size of a buffer (CVE-2014-9474)...