Arbitrary Code Execution

netpbm is vulnerable to arbitrary code execution. The vulnerability exists as an input validation flaw and multiple integer overflows were discovered in the JasPer library providing support for JPEG-2000 image format and used in the jpeg2ktopam and pamtojpeg2k converters. An attacker could create...

Videolabs libmicrodns Input Validation Error Vulnerability

Videolabs libmicrodns is a cross-platform mDNS multicast DNS resolver from Videolabs Labs in France. An input validation error vulnerability exists in the TXT record parsing feature of Videolabs libmicrodns 0.1.0. The vulnerability stems from a network system or product that does not properly...

CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

CVE-2020-6073

An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple integer overflows can be triggered, leading to a denial of service. An attacker can send an mDNS...

EulerOS Virtualization for ARM 64 3.0.2.0 : libpng (EulerOS-SA-2020-1256)

According to the versions of the libpng package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - Multiple integer overflows in libpng before 1.5.14rc03 allow remote attackers to cause a denial of service crash via a...

Huawei EulerOS: Security Advisory for libpng (EulerOS-SA-2020-1256)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP2 : libXtst (EulerOS-SA-2020-1093)

According to the versions of the libXtst packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - X.Org X11 libXtst runtime librarySecurity Fixes:Multiple integer overflows in X.org libXtst before 1.2.3 allow remote X servers to trigger...

Huawei EulerOS: Security Advisory for libXtst (EulerOS-SA-2020-1093)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 6 : spice-gtk (ELSA-2020-0471)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0471 advisory. 0.26-8.2 - Fix insufficient encoding checks for LZ Resolves: rhbz1598651 0.26-8.1 - Fix flexible array buffer overflow Resolves: rhbz1596008 Tenable has extract...

spice security update

CentOS Errata and Security Advisory CESA-2020:0471 An update for spice-gtk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severit...

Moderate: Red Hat Security Advisory: spice-gtk security update

An update for spice-gtk is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVE-2014-4860

Multiple integer overflows in the Pre-EFI Initialization PEI boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase...

CVE-2014-4860

Multiple integer overflows in the Pre-EFI Initialization PEI boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase...

CVE-2014-4860

Multiple integer overflows in the Pre-EFI Initialization PEI boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase...

Huawei EulerOS: Security Advisory for procps-ng (EulerOS-SA-2018-1199)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libevent (EulerOS-SA-2019-2515)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libxml2 (EulerOS-SA-2019-1559)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-4608-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...