NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2021-0012)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have...

NewStart CGSL CORE 5.04 / MAIN 5.04 : qt5-qtbase Multiple Vulnerabilities (NS-SA-2021-0035)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has qt5-qtbase packages installed that are affected by multiple vulnerabilities: - An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. readxbmbody in gui/image/qxbmhandler.cpp has a buffer...

NewStart CGSL MAIN 6.02 : dovecot Multiple Vulnerabilities (NS-SA-2021-0054)

The remote NewStart CGSL host, running version MAIN 6.02, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource consumption via a...

NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Multiple Vulnerabilities (NS-SA-2021-0036)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded...

NewStart CGSL MAIN 6.02 : cloud-init Multiple Vulnerabilities (NS-SA-2021-0062)

The remote NewStart CGSL host, running version MAIN 6.02, has cloud-init packages installed that are affected by multiple vulnerabilities: - In cloud-init through 19.4, randuserpassword in cloudinit/config/ccsetpasswords.py has a small default pwlen value, which makes it easier for attackers to...

NewStart CGSL CORE 5.04 / MAIN 5.04 : openldap Vulnerability (NS-SA-2021-0024)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openldap packages installed that are affected by a vulnerability: - In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters with nested boolean expressions can result in denial of service daemon crash...

NewStart CGSL CORE 5.04 / MAIN 5.04 : containerd.io Multiple Vulnerabilities (NS-SA-2021-0006)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has containerd.io packages installed that are affected by multiple vulnerabilities: - runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because...

NewStart CGSL MAIN 6.02 : sqlite Multiple Vulnerabilities (NS-SA-2021-0064)

The remote NewStart CGSL host, running version MAIN 6.02, has sqlite packages installed that are affected by multiple vulnerabilities: - An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use after...

NewStart CGSL CORE 5.04 / MAIN 5.04 : e2fsprogs Vulnerability (NS-SA-2021-0005)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has e2fsprogs packages installed that are affected by a vulnerability: - Multiple integer overflows in libext2fs in e2fsprogs before 1.40.3 allow user-assisted remote attackers to execute arbitrary code via a crafted filesystem...

NewStart CGSL CORE 5.04 / MAIN 5.04 : audiofile Multiple Vulnerabilities (NS-SA-2021-0046)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has audiofile packages installed that are affected by multiple vulnerabilities: - The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an...

NewStart CGSL CORE 5.04 / MAIN 5.04 : libxslt Multiple Vulnerabilities (NS-SA-2021-0027)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libxslt packages installed that are affected by multiple vulnerabilities: - libxslt through 1.1.33 allows bypass of a protection mechanism because callers of xsltCheckRead and xsltCheckWrite permit access even upon receivin...

NewStart CGSL CORE 5.04 / MAIN 5.04 : dovecot Multiple Vulnerabilities (NS-SA-2021-0012)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has dovecot packages installed that are affected by multiple vulnerabilities: - In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service resource...

NewStart CGSL MAIN 6.02 : freetype Vulnerability (NS-SA-2021-0061)

The remote NewStart CGSL host, running version MAIN 6.02, has freetype packages installed that are affected by a vulnerability: - Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...

NewStart CGSL MAIN 6.02 : sudo Vulnerability (NS-SA-2021-0089)

The remote NewStart CGSL host, running version MAIN 6.02, has sudo packages installed that are affected by a vulnerability: - Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via sudoedit -s and a command-line argument that ends with a single backslash...

NewStart CGSL MAIN 6.02 : nss Multiple Vulnerabilities (NS-SA-2021-0053)

The remote NewStart CGSL host, running version MAIN 6.02, has nss packages installed that are affected by multiple vulnerabilities: - Improper refcounting of soft token session objects could cause a use-after-free and crash likely limited to a denial of service. This vulnerability affects Firefox...

NewStart CGSL MAIN 4.06 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0002)

The remote NewStart CGSL host, running version MAIN 4.06, has thunderbird packages installed that are affected by multiple vulnerabilities: - When removing data about an origin whose tab was recently closed, a use-after-free could occur in the Quota manager, resulting in a potentially exploitable...

NewStart CGSL CORE 5.04 / MAIN 5.04 : mod_auth_openidc Multiple Vulnerabilities (NS-SA-2021-0039)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has modauthopenidc packages installed that are affected by multiple vulnerabilities: - A flaw was found in modauthopenidc before version 2.4.1. An open redirect issue exists in URLs with a slash and backslash at the beginning...

NewStart CGSL MAIN 6.02 : libgcrypt Vulnerability (NS-SA-2021-0071)

The remote NewStart CGSL host, running version MAIN 6.02, has libgcrypt packages installed that are affected by a vulnerability: - It was discovered that there was a ECDSA timing attack in the libgcrypt20 cryptographic library. Version affected: 1.8.4-5, 1.7.6-2+deb9u3, and 1.6.3-2+deb8u4. Versio...

NewStart CGSL MAIN 6.02 : spice-gtk Vulnerability (NS-SA-2021-0075)

The remote NewStart CGSL host, running version MAIN 6.02, has spice-gtk packages installed that are affected by a vulnerability: - Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE clien...

NewStart CGSL CORE 5.04 / MAIN 5.04 : freetype Vulnerability (NS-SA-2021-0013)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has freetype packages installed that are affected by a vulnerability: - Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTM...