236 matches found
Huawei EulerOS: Security Advisory for libevent (EulerOS-SA-2017-1090)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libevent (EulerOS-SA-2019-1439)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libevent (EulerOS-SA-2017-1091)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libevent (EulerOS-SA-2019-2515)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : libevent (EulerOS-SA-2019-2515)
According to the versions of the libevent package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow...
Amazon Linux 2 : libevent (ALAS-2019-1359)
Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via 'insanely large inputs' to the 1 evbufferadd, 2...
Medium: libevent
Issue Overview: Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow context-dependent attackers to cause a denial of service or possibly have other unspecified impact via "insanely large inputs" to the 1 evbufferad...
openSUSE: Security Advisory for links (openSUSE-SU-2019:2185-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : links (openSUSE-2019-2185)
This update for links fixes the following issues : links was updated to 2.20.1 : - libevent bug fixes links was updated to 2.20 : - Security bug fixed: when links was connected to tor, it would send real dns requests outside the tor network when the displayed page contains link elements with...
Security update for links (moderate)
openSUSE Security Update: Security update for links Announcement ID: openSUSE-SU-2019:2185-1 Rating: moderate References: 1149886 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 openSUSE Backports SLE-15-SP1 openSUSE Backports SLE-15 An update that contains security fixes can now be...
EulerOS Virtualization 3.0.1.0 : libevent (EulerOS-SA-2019-1439)
According to the versions of the libevent package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta...
Stack-based Buffer Overflow
libevent is vulnerable to stack-based buffer overflow attacks. an attacker could cause the application to crash when parsing a malformed address in IPv6 notation of more than 2GiB in length resulting in denial of service conditions...
Out-of-bounds Read
libevent is vulnerable to out-of-bounds reads. A remote attacker could cause denial of service via an out-of-bounds read by forcing the application to resolve an empty hostname. Affected is the function searchmakenew of the file evdns.c...
Photon OS 1.0: Libevent PHSA-2017-0013
An update of the libevent package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0013. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121684;...
Arbitrary Code Execution
firefox and thunderbird is vulnerable to arbitrary code execution attacks. The vulnerability exists as the nameparse function in evdns.c in libevent before 2.1.6-beta allows remote attackers to have unspecified impact via vectors involving the labellen variable, which triggers an out-of-bounds...
Photon OS 1.0: Cracklib / Glibc / Httpd / Libevent / Libgcrypt PHSA-2017-0013 (deprecated)
An update of cracklib,libevent,libgcrypt,httpd,glibc packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0013. The text itself is...
EulerOS 2.0 SP3 : libevent (EulerOS-SA-2018-1164)
According to the version of the libevent package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Multiple integer overflows in the evbuffer API in Libevent 1.4.x before 1.4.15, 2.0.x before 2.0.22, and 2.1.x before 2.1.5-beta allow...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2018:1765-1)
This update for ntp fixes the following issues : - Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read...
Remote Code Execution (RCE)
libevent.so is vulnerable to remote code execution RCE. The application contains multiple integer overflows in the evbufferadd, evbufferexpand and buffereventwrite functions in buffer.c that can lead to the application crashing or arbitrary code being executed...
openSUSE Security Update : ntp (openSUSE-2018-376)
This update for ntp fixes the following issues : - Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read...