NewStart CGSL CORE 5.05 / MAIN 5.05 : librepo Vulnerability (NS-SA-2021-0170)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has librepo packages installed that are affected by a vulnerability: - A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libsrtp Multiple Vulnerabilities (NS-SA-2021-0150)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libsrtp packages installed that are affected by multiple vulnerabilities: - Buffer overflow in srtp.c in libsrtp in srtp 1.4.5 and earlier allows remote attackers to cause a denial of service crash via vectors related to a...

NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0177)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted...

NewStart CGSL CORE 5.05 / MAIN 5.05 : qt Vulnerability (NS-SA-2021-0149)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has qt packages installed that are affected by a vulnerability: - An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. readxbmbody in gui/image/qxbmhandler.cpp has a buffer over-read...

NewStart CGSL CORE 5.05 / MAIN 5.05 : bind Multiple Vulnerabilities (NS-SA-2021-0137)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has bind packages installed that are affected by multiple vulnerabilities: - A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, throu...

NewStart CGSL CORE 5.05 / MAIN 5.05 : xstream Vulnerability (NS-SA-2021-0179)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has xstream packages installed that are affected by a vulnerability: - XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by...

NewStart CGSL CORE 5.05 / MAIN 5.05 : curl Multiple Vulnerabilities (NS-SA-2021-0154)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has curl packages installed that are affected by multiple vulnerabilities: - Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. CVE-2019-5482 - curl 7.20.0 through 7.70.0 is vulnerable to improper...

NewStart CGSL CORE 5.05 / MAIN 5.05 : OpenEXR Multiple Vulnerabilities (NS-SA-2021-0149)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has OpenEXR packages installed that are affected by multiple vulnerabilities: - An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by...

NewStart CGSL MAIN 6.02 : chrony Multiple Vulnerabilities (NS-SA-2021-0127)

The remote NewStart CGSL host, running version MAIN 6.02, has chrony packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service crash via a crafted 1 REQSUBNETSACCESSED or ...

NewStart CGSL CORE 5.05 / MAIN 5.05 : perl Multiple Vulnerabilities (NS-SA-2021-0184)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has perl packages installed that are affected by multiple vulnerabilities: - Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow...

NewStart CGSL MAIN 6.02 : perl Vulnerability (NS-SA-2021-0127)

The remote NewStart CGSL host, running version MAIN 6.02, has perl packages installed that are affected by a vulnerability: - regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive Sstudychunk calls. CVE-2020-12723 Note that Nessus has not...

NewStart CGSL CORE 5.04 / MAIN 5.04 : qt5-qtimageformats Multiple Vulnerabilities (NS-SA-2021-0113)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has qt5-qtimageformats packages installed that are affected by multiple vulnerabilities: - A flaw was found in libwebp in versions before 1.0.1. A heap-based buffer overflow was found in PutLE16. The highest threat from this...

NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2021-0178)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: - Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted SCTP...

NewStart CGSL CORE 5.05 / MAIN 5.05 : freetype Vulnerability (NS-SA-2021-0144)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has freetype packages installed that are affected by a vulnerability: - Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTM...

NewStart CGSL CORE 5.04 / MAIN 5.04 : screen Vulnerability (NS-SA-2021-0103)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has screen packages installed that are affected by a vulnerability: - encoding.c in GNU Screen through 4.8.0 allows remote attackers to cause a denial of service invalid write access and application crash or possibly have...

NewStart CGSL CORE 5.04 / MAIN 5.04 : ipa Vulnerability (NS-SA-2021-0104)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ipa packages installed that are affected by a vulnerability: - In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one ...

NewStart CGSL CORE 5.05 / MAIN 5.05 : net-snmp Vulnerability (NS-SA-2021-0150)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has net-snmp packages installed that are affected by a vulnerability: - Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root...

NewStart CGSL CORE 5.05 / MAIN 5.05 : spice Vulnerability (NS-SA-2021-0165)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has spice packages installed that are affected by a vulnerability: - Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPI...

NewStart CGSL CORE 5.05 / MAIN 5.05 : unoconv Vulnerability (NS-SA-2021-0170)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has unoconv packages installed that are affected by a vulnerability: - The unoconv package before 0.9 mishandles untrusted pathnames, leading to SSRF and local file inclusion. CVE-2019-17400 Note that Nessus has not tested for...

NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2021-0140)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - The iscsiifrx function in drivers/scsi/scsitransportiscsi.c in the Linux kernel through 4.13.2 allows local users to cause a denial of service panic...