CVE-2019-14210

An issue was discovered in Foxit PhantomPDF before 8.3.10. The application could be exposed to Memory Corruption due to the use of an invalid pointer copy, resulting from a destructed string object...

EulerOS 2.0 SP8 : gnutls (EulerOS-SA-2019-1649)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the way gnutls handled malformed TLS 1.3 asynchronous messages. An attacker could use this flaw to crash an application...

CVE-2019-12323

The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS...

CVE-2019-12323

The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS...

Code injection

The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS...

CVE-2019-12323

The HC.Server service in Hosting Controller HC10 10.14 allows an Invalid Pointer Write DoS...

CVE-2019-12323

The CVE-2019-12323 entry concerns Hosting Controller HC10 HC.Server Service 10.14. Affected software: HC10 HC.Server Service 10.14. Vulnerability: Remote Invalid Pointer Write that can cause a DoS if the service is reachable (port 8794). Root cause: invalid pointer write within HC.Server. Impact:...

HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write Vulnerability

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HC10-HC.SERVER-10.14-REMOTE-INVALID-POINTER-WRITE.txt + ISR: ApparitionSec Vendor www.hostingcontroller.com Product HC10 HC.Server Service 10.14 HC10 is a unified hosting...

HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write

HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HC10-HC.SERVER-10.14-REMOTE-INVALID-POINTER-WRITE.txt + ISR: ApparitionSec Vendor www.hostingcontroller.com Produ...

HC10 HC.Server Service 10.14 Remote Invalid Pointer Write

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HC10-HC.SERVER-10.14-REMOTE-INVALID-POINTER-WRITE.txt + ISR: ApparitionSec Vendor www.hostingcontroller.com Product HC10 HC.Server Service 10.14 HC10 is a unified hosting...

HC10 HC.Server Service 10.14 - Remote Invalid Pointer Write

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/HC10-HC.SERVER-10.14-REMOTE-INVALID-POINTER-WRITE.txt + ISR: ApparitionSec Vendor www.hostingcontroller.com Product HC10 HC.Server Service 10.14 HC10 is a unified hosting...

libvirt security update

CentOS Errata and Security Advisory CESA-2019:1264 An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Important: Red Hat Security Advisory: libvirt security and bug fix update

An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1519)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The IPv6 SCTP implementation in net/sctp/ipv6.c in the Linux kernel through 3.11.1 uses data structures and function...

FreeBSD : GnuTLS -- double free, invalid pointer access (fb30db8f-62af-11e9-b0de-001cc0382b2f)

The GnuTLS project reports : - Tavis Ormandy from Google Project Zero found a memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected. - It was found using the TLS...

[ASA-201904-2] gnutls: multiple issues

Arch Linux Security Advisory ASA-201904-2 ========================================= Severity: Critical Date : 2019-04-05 CVE-ID : CVE-2019-3829 CVE-2019-3836 Package : gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-945 Summary ======= The package gnutls befor...

Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2019-4533)

The remote Oracle Linux 5 / 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4533 advisory. - ext4: validate that metadata blocks do not overlap superblock Theodore Ts'o Orabug: 28220576 CVE-2018-1094 Tenable has extracted the preceding...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4532)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4532 advisory. - ext4: validate that metadata blocks do not overlap superblock Theodore Ts'o Orabug: 28220451 CVE-2018-1094 - ext4: always initialize the crc32c...

PHP 5.6.x < 5.6.31 Multiple Vulnerabilities

According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.31. It is, therefore, affected by the following vulnerabilities : - An out-of-bounds read error exists in the PCRE library in the compilebracketmatchingpath function within file pcrejitcompile.c. An...

CVE-2018-19876

cairo 1.16.0, in cairoftapplyvariations in cairo-ft-font.c, would free memory using a free function incompatible with WebKit's fastMalloc, leading to an application crash with a "free: invalid pointer" error...