autotrace: bitmap double free in main.c allows attackers to cause an unspecified impact

A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182...

kernel: memory leak upon a kmalloc failure in kvm_io_bus_unregister_dev function in virt/kvm/kvm_main.c

A flaw was found in the KVM hypervisor of the Linux kernel. A memory leak could occur in kvmiobusunregisterdev upon a kmalloc failure. The highest threat from this vulnerability is to system availability...

ALSA-2021:4526 Important: mingw-glib2 security, bug fix, and enhancement update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. The following packages have been upgraded to...

ALSA-2021:4385 Moderate: glib2 security and bug fix update

GLib provides the core application building blocks for libraries and applications written in C. It provides the core object system used in GNOME, the main loop implementation, and a large set of utility functions for strings and common data structures. Security Fixes: glib2: Possible privilege...

NewStart CGSL MAIN 6.02 : gnutls Vulnerability (NS-SA-2021-0133)

The remote NewStart CGSL host, running version MAIN 6.02, has gnutls packages installed that are affected by a vulnerability: - A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions GOST DSA, EDDSA & ECDSA result in the Elliptic Curve...

NewStart CGSL MAIN 6.02 : python-jinja2 Vulnerability (NS-SA-2021-0131)

The remote NewStart CGSL host, running version MAIN 6.02, has python-jinja2 packages installed that are affected by a vulnerability: - In Pallets Jinja before 2.10.1, str.formatmap allows a sandbox escape. CVE-2019-10906 Note that Nessus has not tested for this issue but has instead relied only o...

NewStart CGSL CORE 5.05 / MAIN 5.05 : glib2 Vulnerability (NS-SA-2021-0157)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has glib2 packages installed that are affected by a vulnerability: - filecopyfallback in gio/gfile.c in GNOME GLib 2.15.0 through 2.61.1 does not properly restrict file permissions while a copy operation is in progress. Instead...

NewStart CGSL MAIN 6.02 : dotnet3.1 Vulnerability (NS-SA-2021-0125)

The remote NewStart CGSL host, running version MAIN 6.02, has dotnet3.1 packages installed that are affected by a vulnerability: - ASP.NET Core and Visual Studio Denial of Service Vulnerability CVE-2021-1723 Note that Nessus has not tested for this issue but has instead relied only on the...

NewStart CGSL MAIN 6.02 : wpa_supplicant Vulnerability (NS-SA-2021-0128)

The remote NewStart CGSL host, running version MAIN 6.02, has wpasupplicant packages installed that are affected by a vulnerability: - A vulnerability was discovered in how p2p/p2ppd.c in wpasupplicant before 2.10 processes P2P Wi-Fi Direct provision discovery requests. It could result in denial ...

NewStart CGSL CORE 5.05 / MAIN 5.05 : pacemaker Vulnerability (NS-SA-2021-0160)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has pacemaker packages installed that are affected by a vulnerability: - An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with...

NewStart CGSL CORE 5.05 / MAIN 5.05 : fontforge Vulnerability (NS-SA-2021-0153)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has fontforge packages installed that are affected by a vulnerability: - FontForge 20190801 has a use-after-free in SFDGetFontMetaData in sfd.c. CVE-2020-5395 Note that Nessus has not tested for this issue but has instead relie...

NewStart CGSL CORE 5.04 / MAIN 5.04 : sudo Multiple Vulnerabilities (NS-SA-2021-0101)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sudo packages installed that are affected by multiple vulnerabilities: - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group aka %group in the sudoers fil...

NewStart CGSL CORE 5.04 / MAIN 5.04 : firefox Multiple Vulnerabilities (NS-SA-2021-0107)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has firefox packages installed that are affected by multiple vulnerabilities: - Further techniques that built on the slipstream research combined with a malicious webpage could have exposed both an internal network's hosts as...

NewStart CGSL CORE 5.04 / MAIN 5.04 : glibc Multiple Vulnerabilities (NS-SA-2021-0095)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has glibc packages installed that are affected by multiple vulnerabilities: - The posixspawnfileactionsaddopen function in glibc before 2.20 does not copy its path argument in accordance with the POSIX specification, which allo...

NewStart CGSL CORE 5.05 / MAIN 5.05 : microcode_ctl Multiple Vulnerabilities (NS-SA-2021-0165)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has microcodectl packages installed that are affected by multiple vulnerabilities: - Observable discrepancy in the RAPL interface for some IntelR Processors may allow a privileged user to potentially enable information disclosu...

NewStart CGSL CORE 5.05 / MAIN 5.05 : openldap Vulnerability (NS-SA-2021-0168)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has openldap packages installed that are affected by a vulnerability: - In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service daemon crash...

NewStart CGSL CORE 5.04 / MAIN 5.04 : squid Vulnerability (NS-SA-2021-0110)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has squid packages installed that are affected by a vulnerability: - An issue was discovered in Squid through 4.13 and 5.x through 5.0.4. Due to improper input validation, it allows a trusted client to perform HTTP Request...

NewStart CGSL CORE 5.05 / MAIN 5.05 : fence-agents Vulnerability (NS-SA-2021-0146)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has fence-agents packages installed that are affected by a vulnerability: - In httplib2 before version 0.18.0, an attacker controlling unescaped part of uri for httplib2.Http.request could change request headers and body, send...

NewStart CGSL CORE 5.04 / MAIN 5.04 : docker-ce Vulnerability (NS-SA-2021-0097)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has docker-ce packages installed that are affected by a vulnerability: - In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd...

NewStart CGSL CORE 5.05 / MAIN 5.05 : ntp Vulnerability (NS-SA-2021-0142)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ntp packages installed that are affected by a vulnerability: - ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofe...