7704 matches found
Fedora Update for keepalived FEDORA-2018-3fbc181b3e
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Important: kernel
Issue Overview: Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writing data back to CPU caches. The write operation is split into STA (STore Address) and STD (STore Data) sub-operations. These sub-operations allow the processor to hand-off...
Important: kernel
Issue Overview:
- Microarchitectural Store Buffer Data Sampling (MSBDS) (CVE-2018-12126)
- Microarchitectural Fill Buffer Data Sampling (MFBDS) (CVE-2018-12130)
- Microarchitectural Load Port Data Sampling (MLPDS) (CVE-2018-12127)
- Microarchitectural Data Sampling Uncacheable Memory (MDSUM) (CVE-2019-11091)...
Fedora Update for lighttpd FEDORA-2018-cd5a9c3c0f
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2019-4740 · Simple Directmedia Layer +1 · Sdl +2
Name of the Vulnerable Software and Affected Versions: Simple DirectMedia Layer (SDL) version 2.0.9; SDL2_image version 2.0.4. Description: The issue is related to a heap-based buffer overflow in the IMG_LoadPCX_RW function, located in IMG_pcx.c, which can lead to a denial of service. This overflow...
CVE-2018-15388
A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. The vulnerability is due to excessive processing...
Information Disclosure
Firefox, Firefox ESR and Thunderbird are vulnerable to information disclosure. Remote attackers could exploit the vulnerable Video Caption Handler component by loading video captions from other domains to cause potential information disclosure for video captions...
Arbitrary Code Execution
Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container imag...
Authorization Bypass
Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container imag...
Information Disclosure
Red Hat OpenShift Container Platform is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.6.1. See the following advisory for the container imag...
Cross-site Scripting (XSS)
OpenStack Dashboard (Horizon) provides administrators and users with a graphical interface to access, provision, and automate cloud-based resources. Two security issues were discovered in the Horizon dashboard and are addressed in this update: A cross-site scripting (XSS) flaw was found in the Horizo...
Sierra Wireless AirLink ES450 Information Disclosure Vulnerability (CNVD-2019-13397)
The Sierra Wireless AirLink ES450 is a cellular network modem device from Sierra Wireless Canada. An information disclosure vulnerability exists in the ACEManager templateload.cgi function in the Sierra Wireless AirLink ES450 using firmware version 4.9.3. The vulnerability stems from an error in...
CVE-2019-2557
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). The supported version that is affected is 13.3.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...
CVE-2011-1830
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so...
Improper Restriction of Recursive Entity References in DTDs ('XML Entity Expansion')
c3p0 version 0.9.5.4 may be exploited by a billion laughs attack when loading XML configuration due to missing protections against recursive entity expansion when loading configuration...
Code injection
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so...
CVE-2011-1830
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so...
CVE-2011-1830 Ekiga attempts to dlopen /tmp/ekiga_test.so
Ekiga versions before 3.3.0 attempted to load a module from /tmp/ekiga_test.so...
Anevicon - A High-Performant UDP-based Load Generator
A high-performance traffic generator, designed to be as convenient and reliable as possible. It sends numerous UDP packets to a server, thereby simulating activity that can be produced by your end users or a group of hackers. Installation From package registry This command will download t...
CVE-2019-1686
A vulnerability in the TCP flags inspection feature for access control lists (ACLs) on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to bypass protection offered by a configured ACL on an affected device. The vulnerability is due to incorrect...