Mageia: Security Advisory (MGASA-2025-0086)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2017-7394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In TigerVNC 1.7.1 SSecurityPlain.cxx SSecurityPlain::processMsg, unauthenticated users can crash the server by sending long usernames. CVE-2017-7394 Note that...

Linux Distros Unpatched Vulnerability : CVE-2016-2365

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent via the server could potentially resul...

Linux Distros Unpatched Vulnerability : CVE-2020-29509

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The encoding/xml package in Go all versions does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which...

Linux Distros Unpatched Vulnerability : CVE-2016-7875

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable integer overflow vulnerability in the BitmapData class...

Linux Distros Unpatched Vulnerability : CVE-2020-9895

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8, watchOS 6.2.8, Safari 13.1.2...

Linux Distros Unpatched Vulnerability : CVE-2017-9112

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In OpenEXR 2.2.0, an invalid read of size 1 in the getBits function in ImfHuf.cpp could cause the application to crash. CVE-2017-9112 Note that Nessus relies on...

Linux Distros Unpatched Vulnerability : CVE-2013-0446

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11 and 6 through Update 38 allows remote attackers to...

Linux Distros Unpatched Vulnerability : CVE-2013-7488

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - perl-Convert-ASN1 aka the Convert::ASN1 module for Perl through 0.27 allows remote attackers to cause an infinite loop via unexpected input. CVE-2013-7488 Note...

Linux Distros Unpatched Vulnerability : CVE-2016-7946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - X.org libXi before 1.7.7 allows remote X servers to cause a denial of service infinite loop via vectors involving length fields. CVE-2016-7946 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2016-3120

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The validateasrequest function in kdcutil.c in the Key Distribution Center KDC in MIT Kerberos 5 aka krb5 before 1.13.6 and 1.4.x before 1.14.3, when...

Linux Distros Unpatched Vulnerability : CVE-2018-8777

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted...

Linux Distros Unpatched Vulnerability : CVE-2017-5969

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libxml2 2.9.4, when used in recover mode, allows remote attackers to cause a denial of service NULL pointer dereference via a crafted XML document. NOTE: The...

Linux Distros Unpatched Vulnerability : CVE-2019-8680

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2,...

Linux Distros Unpatched Vulnerability : CVE-2015-1159

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the cgiputs function in cgi-bin/template.c in the template engine in CUPS before 2.0.3 allows remote attackers to inje...

Linux Distros Unpatched Vulnerability : CVE-2017-5884

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gtk-vnc before 0.7.0 does not properly check boundaries of subrectangle-containing tiles, which allows remote servers to execute arbitrary code via the src x, y...

Linux Distros Unpatched Vulnerability : CVE-2015-5602

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in...

Linux Distros Unpatched Vulnerability : CVE-2019-17595

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a heap-based buffer over-read in the fmtentry function in tinfo/comphash.c in the terminfo library in ncurses before 6.1-20191012. CVE-2019-17595 Note...

Linux Distros Unpatched Vulnerability : CVE-2018-11508

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The compatgettimex function in kernel/compat.c in the Linux kernel before 4.16.9 allows local users to obtain sensitive information from kernel memory via...

Linux Distros Unpatched Vulnerability : CVE-2015-9099

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The lameinitparams function in lame.c in libmp3lame.a in LAME 3.99.5 allows remote attackers to cause a denial of service invalid read and application crash via...