291 matches found
SUSE-SU-2020:2275-1 Security update for python
This update for python fixes the following issues: - CVE-2019-20907: Avoid a possible infinite loop caused by specifically crafted tarballs bsc1174091...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1249)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1247)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2019-1069)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1310)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1309)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libjpeg-turbo (EulerOS-SA-2018-1298)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-1000075
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can...
SUSE SLED12 / SLES12 Security Update : libarchive (SUSE-SU-2019:3092-1)
This update for libarchive fixes the following issues : Security issues fixed : CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653. CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654. CVE-2019-1000019: Fixed an Out-Of-Bounds Read...
SUSE SLED15 / SLES15 Security Update : libarchive (SUSE-SU-2019:3093-1)
This update for libarchive fixes the following issues : Security issues fixed : CVE-2018-1000877: Fixed a double free vulnerability in RAR decoder bsc1120653. CVE-2018-1000878: Fixed a Use-After-Free vulnerability in RAR decoder bsc1120654. CVE-2019-1000019: Fixed an Out-Of-Bounds Read...
The vulnerability of the streaming filter iconv (ext/iconv/iconv.c) in the PHP programming language interpreter allows a hacker to cause a service failure.
The vulnerability of the stream filter iconv ext/iconv/iconv.c in the PHP programming language is related to an infinite loop that can occur due to input errors. Exploiting this vulnerability allows a malicious actor to cause service failures remotely...
CVE-2019-9376
In Account of Account.java, there is a possible boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Android; Versions: Android-9, Android-8.0, Android-8.1;...
CentOS 7 : ruby (CESA-2019:2028)
An update for ruby is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
Scientific Linux Security Update : ruby on SL7.x x86_64 (20190806)
Security Fixes : - ruby: HTTP response splitting in WEBrick CVE-2017-17742 - ruby: DoS by large request in WEBrick CVE-2018-8777 - ruby: Buffer under-read in Stringunpack CVE-2018-8778 - ruby: Unintentional directory traversal by poisoned NULL byte in Dir CVE-2018-8780 - ruby: Tainted flags are n...
RHEL 7 : ruby (RHSA-2019:2028)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2028 advisory. Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system...
Moderate: Red Hat Security Advisory: ruby security update
An update for ruby is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...
OPENSUSE-SU-2019:0008-1 Security update for libraw
This update for libraw fixes the following issues: The following security vulnerabilities were addressed: - CVE-2018-5813: Fixed an error within the 'parseminolta' function dcraw/dcraw.c that could be exploited to trigger an infinite loop via a specially crafted file. This could be exploited to...
F5 BIG-IP Infinite Loop Vulnerability
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. An infinite loop vulnerability exists in F5 BIG-IP. An attacker could exploit this vulnerability to cause the system to...
MGASA-2019-0037 Updated libvncserver & x11vnc packages fix security vulnerabilities
A heap use-after-free vulnerability in the server code of the file transfer extension, which can result in remote code execution. This attack appears to be exploitable via network connectivity CVE-2018-6307. A heap use-after-free vulnerability in the server code of the file transfer extension,...
SUSE-SU-2019:0005-1 Security update for libraw
This update for libraw fixes the following issues: Security issues fixed: The following security vulnerabilities were addressed: - CVE-2018-5813: Fixed an error within the 'parseminolta' function dcraw/dcraw.c that could be exploited to trigger an infinite loop via a specially crafted file. This...