NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2020-0003)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive...

NewStart CGSL CORE 5.05 / MAIN 5.05 : tcpdump Vulnerability (NS-SA-2020-0008)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has tcpdump packages installed that are affected by a vulnerability: - In tcpdump 4.9.2, a stack-based buffer over-read exists in the printprefix function of print-hncp.c via crafted packet data because of missing initializatio...

NewStart CGSL CORE 5.05 / MAIN 5.05 : kernel Multiple Vulnerabilities (NS-SA-2020-0002)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has kernel packages installed that are affected by multiple vulnerabilities: - Improper invalidation for page table updates by a virtual guest operating system for multiple IntelR Processors may allow an authenticated user to...

NewStart CGSL CORE 5.05 / MAIN 5.05 : sudo Vulnerability (NS-SA-2020-0004)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sudo packages installed that are affected by a vulnerability: - In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause...

NewStart CGSL CORE 5.05 / MAIN 5.05 : python Vulnerability (NS-SA-2020-0002)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has python packages installed that are affected by a vulnerability: - The documentation XML-RPC server in Python through 2.7.16, 3.x through 3.6.9, and 3.7.x through 3.7.4 has XSS via the servertitle field. This occurs in...

NewStart CGSL CORE 5.05 / MAIN 5.05 : php Vulnerability (NS-SA-2020-0001)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has php packages installed that are affected by a vulnerability: - In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain configurations of FPM setup it is possible to cause FPM module to write...

NewStart CGSL CORE 5.05 / MAIN 5.05 : ntp Vulnerability (NS-SA-2020-0009)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has ntp packages installed that are affected by a vulnerability: - NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service ntpd abort by using the same IP address...

NewStart CGSL CORE 5.05 / MAIN 5.05 : firefox Multiple Vulnerabilities (NS-SA-2020-0004)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has firefox packages installed that are affected by multiple vulnerabilities: - When following the value's prototype chain, it was possible to retain a reference to a locale, delete it, and subsequently reference it. This...

NewStart CGSL CORE 5.05 / MAIN 5.05 : nss-util Vulnerability (NS-SA-2020-0006)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has nss-util packages installed that are affected by a vulnerability: - Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used...

Batch-Move Posts <= 1.5 - Broken Authentication leading to Unauthenticated Stored XSS

An attacker can add a Cross-Site Scripting XSS payload remotely without any authentication. The Payload gets triggered when an Admin visits the settings page of the plugin. Edit WPScanTeam: The plugin is still affected and has been closed. Vulnerable code is from lines 68 to 84. The code gets the...

Radix - Moderately critical - Cross site scripting - SA-CONTRIB-2020-001

Radix is a base theme for Drupal, with Bootstrap 4, Sass, ES6 and BrowserSync built-in. The module doesn't sufficiently filter menu titles when used in a dropdown in the main menu. This vulnerability is mitigated by the fact that an attacker must have permission to edit a menu title used in the...

Vulnerability of the nfp_flower_spawn_vnic_reprs() function (drivers/net/ethernet/netronome/nfp/flower/main.c) in the Linux kernel, allowing a hacker to trigger a service failure

The vulnerability of the nfpflowerspawnvnicreprs function in the drivers/net/ethernet/netronome/nfp/flower/main.c file of the Linux kernel is related to an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

VulnCheck KEV: CVE-2018-9285

MainAnalysisContent.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.38410007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before...

NewStart CGSL CORE 5.04 / MAIN 5.04 : nss-softokn Vulnerability (NS-SA-2019-0262)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has nss-softokn packages installed that are affected by a vulnerability: - Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and used...

NewStart CGSL CORE 5.04 / MAIN 5.04 : nss Multiple Vulnerabilities (NS-SA-2019-0262)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has nss packages installed that are affected by multiple vulnerabilities: - Empty or malformed p256-ECDH public keys may trigger a segmentation fault due values being improperly sanitized before being copied into memory and use...

NewStart CGSL CORE 5.05 / MAIN 5.05 : sssd Multiple Vulnerabilities (NS-SA-2019-0241)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sssd packages installed that are affected by multiple vulnerabilities: - A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' the root directory instead of '' the emp...

NewStart CGSL CORE 5.05 / MAIN 5.05 : jss Vulnerability (NS-SA-2019-0240)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has jss packages installed that are affected by a vulnerability: - A flaw was found in the Leaf and Chain OCSP policy implementation in JSS' CryptoManager versions after 4.4.6, 4.5.3, 4.6.0, where it implicitly trusted the root...

NewStart CGSL CORE 5.05 / MAIN 5.05 : libmspack Multiple Vulnerabilities (NS-SA-2019-0237)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has libmspack packages installed that are affected by multiple vulnerabilities: - In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum...

NewStart CGSL CORE 5.05 / MAIN 5.05 : zziplib Multiple Vulnerabilities (NS-SA-2019-0226)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has zziplib packages installed that are affected by multiple vulnerabilities: - In ZZIPlib 0.13.67, there is a bus error caused by loading of a misaligned address when handling disk64trailer local entries in zzipfetchdisktraile...

NewStart CGSL CORE 5.05 / MAIN 5.05 : compat-libtiff3 Vulnerability (NS-SA-2019-0238)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has compat-libtiff3 packages installed that are affected by a vulnerability: - A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tifprint.c in LibTIFF 4.0.9 when using the tiffinfo tool to print crafted TI...