723 matches found
libssh: Arbitrary code execution
Background: libssh is a C library providing SSHv2 and SSHv1. Description: Multiple buffer overflow, double free, and integer overflow vulnerabilities have been discovered in libssh. Impact: A remote attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial o...
mysql55 security update
CentOS Errata and Security Advisory CESA-2014:0186 Updated mysql55-mysql packages that fix several security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVS...
GLSA-201401-29 : VIPS: Privilege Escalation
The remote host is affected by the vulnerability described in GLSA-201401-29 (VIPS: Privilege Escalation). VIPS places a zero-length directory name in the LD_LIBRARY_PATH, which might result in the current working directory (.) being included when searching for dynamically linked libraries. Impact : A...
GLSA-201401-19 : GMime: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-201401-19 (GMime: Arbitrary code execution). GMime contains a buffer overflow flaw in the GMIME_UUENCODE_LEN macro in gmime/gmime-encodings.h. Impact : A context-dependent attacker could possibly execute arbitrary code or cause a Denia...
GLSA-201312-14 : libsndfile: Arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-201312-14 (libsndfile: Arbitrary code execution). An integer overflow flaw has been discovered in libsndfile. Impact : A remote attacker could entice a user to open a specially crafted PAF file using libsndfile, possibly resulting in...
coreutils security update
CentOS Errata and Security Advisory CESA-2013:1652 Updated coreutils packages that fix three security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having low security impact. Common...
RedHat Update for qspice RHSA-2013:1474-01
Check for the Version of qspice. OpenVAS Vulnerability Test: RedHat Update for qspice RHSA-2013:1474-01. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...
SuSE 11.3 Security Update : xorg-x11-libs (SAT Patch Number 7944)
This update of xorg-x11-libs fixes several integer and buffer overflow issues. Bug 815451/821663 CVE-2013-1984 / CVE-2013-1985 / CVE-2013-1986 / CVE-2013-1988 / CVE-2013-1990 / CVE-2013-1991 / CVE-2013-1992 / CVE-2013-1995 / CVE-2013-1996 / CVE-2013-1998 / CVE-2013-1999 / CVE-2013-2000 /...
Oracle Linux 5 : rpm (ELSA-2010-0679)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2010-0679 advisory. - fix CVE-2010-2059, fails to drop SUID/SGID bits on package upgrade 626707 Tenable has extracted the preceding description block directly from the Oracle Linux...
Oracle Linux 5 : xen (ELSA-2012-1236)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-1236 advisory. 3.0.3-135.el58.5 - console: Prevent escape sequence length overflow rhbz 851253 Tenable has extracted the preceding description block directly from the Oracle...
Oracle Linux 5 : bluez-libs / and / bluez-utils (ELSA-2008-0581)
The remote Oracle Linux 5 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2008-0581 advisory. - Fix CVE-2008-2374 Resolves: 452880 bluez-utils: Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note...
SuSE 11.2 Security Update : xorg-x11-libs (SAT Patch Number 7846)
This update of xorg-x11-libs fixes several integer and buffer overflow issues. bnc815451, bnc821663 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright (C) Novell, In...
krb5 security update
CentOS Errata and Security Advisory CESA-2013:0942 Updated krb5 packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base...
USN-1842-1: KDE-Libs vulnerability
It was discovered that KIO would sometimes display web authentication credentials under certain error conditions. If a user were tricked into opening a specially crafted web page, an attacker could potentially exploit this to expose confidential information...
CentOS Update for krb5-devel CESA-2013:0748 centos6
Check for the Version of krb5-devel. OpenVAS Vulnerability Test: CentOS Update for krb5-devel CESA-2013:0748 centos6. Authors: System Generated Check. Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...
krb5 security update
CentOS Errata and Security Advisory CESA-2013:0656 Updated krb5 packages that fix two security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores...
hpijs3, hplip3, libsane security update
CentOS Errata and Security Advisory CESA-2013:0133 Updated hplip3 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS)...
CVE-2012-5330
Multiple cross-site scripting (XSS) vulnerabilities in asaanCart 0.9 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO to calc.php, (2) chat.php, (3) register.php, or (4) index.php in libs/smartyajax/; or the (5) page parameter to libs/smartyajax/index.php...
libgssglue: Privilege escalation
Background: libgssglue exports a GSSAPI interface which calls other random GSSAPI libraries. Description: libgssglue does not securely use getenv when loading a library for a setuid application. Impact: A local attacker could gain escalated privileges. Workaround: There is no known workaround at this...