NewStart CGSL CORE 5.04 / MAIN 5.04 : ovmf Multiple Vulnerabilities (NS-SA-2019-0218)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has ovmf packages installed that are affected by multiple vulnerabilities: - Buffer overflow in system firmware for EDK II may allow unauthenticated user to potentially enable escalation of privilege and/or denial of service vi...

NewStart CGSL CORE 5.04 / MAIN 5.04 : opensc Multiple Vulnerabilities (NS-SA-2019-0222)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has opensc packages installed that are affected by multiple vulnerabilities: - Several buffer overflows when handling responses from a Muscle Card in musclelistfiles in libopensc/card- muscle.c in OpenSC before 0.19.0-rc1 could...

NewStart CGSL CORE 5.04 / MAIN 5.04 : patch Multiple Vulnerabilities (NS-SA-2019-0223)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has patch packages installed that are affected by multiple vulnerabilities: - GNU patch through 2.7.6 is vulnerable to OS shell command injection that can be exploited by opening a crafted patch file that contains an ed style...

Privilege Escalation

cordova-plugin-inappbrowser is vulnerable to privilege escalation. The vulnerability exists on android where arbitrary javascript can be run in the main application's website through the value of gap-iab://...

NewStart CGSL CORE 5.04 / MAIN 5.04 : libxkbcommon Multiple Vulnerabilities (NS-SA-2019-0199)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libxkbcommon packages installed that are affected by multiple vulnerabilities: - Unchecked NULL pointer usage in LookupModMask in xkbcomp/expr.c in xkbcommon before 0.8.2 could be used by local attackers to crash NULL point...

Centreon Operating System Command Injection Vulnerability

Centreon Merethis Centreon is a set of open source system monitoring tools from the French company Centreon . The product mainly provides monitoring functions on the network , system and application resources . A security vulnerability exists in Centreon version 19.04. An attacker can use this...

CVE-2019-18216

The BIOS configuration design on ASUS ROG Zephyrus M GM501GS laptops with BIOS 313 relies on the main battery instead of using a CMOS battery, which reduces the value of a protection mechanism in which booting from a USB device is prohibited. Attackers who have physical laptop access can exhaust...

On-Board 'Mystery Boxes' Threaten Global Shipping Vessels

Commercial shipping environments are rife with vulnerabilities, according to researchers – up to and including unpatched “mystery boxes” that no one knows anything about. “In every single nautical pen test to date we have unearthed a system or device, that of the few crew that were aware, no one...

NewStart CGSL CORE 5.04 / MAIN 5.04 : blktrace Vulnerability (NS-SA-2019-0198)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has blktrace packages installed that are affected by a vulnerability: - blktrace aka Block IO Tracing 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the devmapread function in btt/devmap.c because th...

NewStart CGSL CORE 5.04 / MAIN 5.04 : mariadb Multiple Vulnerabilities (NS-SA-2019-0197)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has mariadb packages installed that are affected by multiple vulnerabilities: - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: MyISAM. Supported versions that are affected are 5.5.60 and prior, 5.6.40...

NewStart CGSL CORE 5.04 / MAIN 5.04 : dhcp Vulnerability (NS-SA-2019-0190)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has dhcp packages installed that are affected by a vulnerability: Note that Nessus has not tested for this issue but has instead relied only on the application's self- reported version number. %NASLMINLEVEL 70300 C Tenable...

NewStart CGSL CORE 5.04 / MAIN 5.04 : unzip Vulnerability (NS-SA-2019-0192)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has unzip packages installed that are affected by a vulnerability: - Info-ZIP UnZip 6.0 has a buffer overflow in list.c, when a ZIP archive has a crafted relationship between the compressed-size value and the uncompressed-size...

NewStart CGSL CORE 5.04 / MAIN 5.04 : exiv2 Multiple Vulnerabilities (NS-SA-2019-0188)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has exiv2 packages installed that are affected by multiple vulnerabilities: - In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the == 0x1c case...

NewStart CGSL CORE 5.04 / MAIN 5.04 : samba Vulnerability (NS-SA-2019-0197)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has samba packages installed that are affected by a vulnerability: - A flaw was found in the way samba implemented an RPC endpoint emulating the Windows registry service API. An unprivileged attacker could use this flaw to crea...

NewStart CGSL CORE 5.04 / MAIN 5.04 : sox Vulnerability (NS-SA-2019-0203)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sox packages installed that are affected by a vulnerability: - In the startread function in xa.c in Sound eXchange SoX through 14.4.2, a corrupt header specifying zero channels triggers an infinite loop with a resultant NUL...

NewStart CGSL CORE 5.04 / MAIN 5.04 : perl-Archive-Tar Vulnerability (NS-SA-2019-0188)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has perl-Archive-Tar packages installed that are affected by a vulnerability: - In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitra...

NewStart CGSL CORE 5.04 / MAIN 5.04 : libX11 Multiple Vulnerabilities (NS-SA-2019-0196)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has libX11 packages installed that are affected by multiple vulnerabilities: - An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string...

NewStart CGSL CORE 5.04 / MAIN 5.04 : polkit Vulnerability (NS-SA-2019-0207)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has polkit packages installed that are affected by a vulnerability: - A flaw was found in PolicyKit aka polkit 0.115 that allows a user with a uid greater than INTMAX to successfully execute any systemctl command. CVE-2018-1978...

NewStart CGSL CORE 5.04 / MAIN 5.04 : freerdp Vulnerability (NS-SA-2019-0204)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has freerdp packages installed that are affected by a vulnerability: - FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in...

NewStart CGSL CORE 5.04 / MAIN 5.04 : httpd Vulnerability (NS-SA-2019-0182)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has httpd packages installed that are affected by a vulnerability: - In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated...