NewStart CGSL MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2023-0057)

The remote NewStart CGSL host, running version MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlinkcit.c aka the Xirlink camera USB driver mishandles invalid descriptors, aka CID-a246b4d54770...

NewStart CGSL MAIN 6.06 : dhcp Vulnerability (NS-SA-2023-0091)

The remote NewStart CGSL host, running version MAIN 6.06, has dhcp packages installed that are affected by a vulnerability: - In ISC DHCP 4.1-ESV-R1 - 4.1-ESV-R16, ISC DHCP 4.4.0 - 4.4.2 Other branches of ISC DHCP i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series are...

NewStart CGSL MAIN 6.06 : cups Vulnerability (NS-SA-2023-0089)

The remote NewStart CGSL host, running version MAIN 6.06, has cups packages installed that are affected by a vulnerability: - A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. An...

NewStart CGSL MAIN 6.06 : cpio Vulnerability (NS-SA-2023-0088)

The remote NewStart CGSL host, running version MAIN 6.06, has cpio packages installed that are affected by a vulnerability: - GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c dsfgetstr integer overflow that triggers an out-of-boun...

NewStart CGSL MAIN 5.04 : docker-ce Vulnerability (NS-SA-2023-0109)

The remote NewStart CGSL host, running version MAIN 5.04, has docker-ce packages installed that are affected by a vulnerability: - Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby Docker Engine where supplementary groups are not set up...

NewStart CGSL MAIN 6.06 : gnupg2 Vulnerability (NS-SA-2023-0086)

The remote NewStart CGSL host, running version MAIN 6.06, has gnupg2 packages installed that are affected by a vulnerability: - GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints e.g., use of GPGME are me...

NewStart CGSL MAIN 6.06 : udisks2 Vulnerability (NS-SA-2023-0090)

The remote NewStart CGSL host, running version MAIN 6.06, has udisks2 packages installed that are affected by a vulnerability: - A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this...

NewStart CGSL MAIN 6.02 : binutils Multiple Vulnerabilities (NS-SA-2023-0104)

The remote NewStart CGSL host, running version MAIN 6.02, has binutils packages installed that are affected by multiple vulnerabilities: - An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SE...

NewStart CGSL MAIN 6.06 : gzip Vulnerability (NS-SA-2023-0081)

The remote NewStart CGSL host, running version MAIN 6.06, has gzip packages installed that are affected by a vulnerability: - An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name for example, a crafted file name, thi...

NewStart CGSL MAIN 6.02 : kernel Multiple Vulnerabilities (NS-SA-2023-0061)

The remote NewStart CGSL host, running version MAIN 6.02, has kernel packages installed that are affected by multiple vulnerabilities: - A flaw was found in the Linux kernel's futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creati...

NewStart CGSL MAIN 6.06 : mokutil Multiple Vulnerabilities (NS-SA-2023-0080)

The remote NewStart CGSL host, running version MAIN 6.06, has mokutil packages installed that are affected by multiple vulnerabilities: - A crafted 16-bit grayscale PNG image may lead to a out-of-bounds write in the heap area. An attacker may take advantage of that to cause heap data corruption o...

NewStart CGSL MAIN 6.02 : p11-kit Multiple Vulnerabilities (NS-SA-2023-0106)

The remote NewStart CGSL host, running version MAIN 6.02, has p11-kit packages installed that are affected by multiple vulnerabilities: - An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and...

NewStart CGSL MAIN 5.04 : openssl Vulnerability (NS-SA-2023-0069)

The remote NewStart CGSL host, running version MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell...

NewStart CGSL MAIN 6.06 : python-lxml Vulnerability (NS-SA-2023-0098)

The remote NewStart CGSL host, running version MAIN 6.06, has python-lxml packages installed that are affected by a vulnerability: - lxml is a library for processing XML and HTML in the Python language. Prior to version 4.6.5, the HTML Cleaner in lxml.html lets certain crafted script content pass...

NewStart CGSL MAIN 6.06 : pcre2 Vulnerability (NS-SA-2023-0079)

The remote NewStart CGSL host, running version MAIN 6.06, has pcre2 packages installed that are affected by a vulnerability: - An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compilexclassmatchingpath function of the pcre2jitcompile.c file. This involves a unicode...

NewStart CGSL MAIN 6.06 : cyrus-sasl Multiple Vulnerabilities (NS-SA-2023-0087)

The remote NewStart CGSL host, running version MAIN 6.06, has cyrus-sasl packages installed that are affected by multiple vulnerabilities: - cyrus-sasl aka Cyrus SASL 2.1.27 has an out-of-bounds write leading to unauthenticated remote denial-of- service in OpenLDAP via a malformed LDAP packet. Th...

NewStart CGSL MAIN 6.06 : keepalived Vulnerability (NS-SA-2023-0097)

The remote NewStart CGSL host, running version MAIN 6.06, has keepalived packages installed that are affected by a vulnerability: - In Keepalived through 2.2.4, the D-Bus policy does not sufficiently restrict the message destination, allowing any user to inspect and manipulate any property. This...

NewStart CGSL MAIN 6.06 : gnutls Multiple Vulnerabilities (NS-SA-2023-0100)

The remote NewStart CGSL host, running version MAIN 6.06, has gnutls packages installed that are affected by multiple vulnerabilities: - An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with...

NewStart CGSL MAIN 5.04 : openssl Vulnerability (NS-SA-2023-0101)

The remote NewStart CGSL host, running version MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the public...

NewStart CGSL MAIN 6.06 : cairo Vulnerability (NS-SA-2023-0077)

The remote NewStart CGSL host, running version MAIN 6.06, has cairo packages installed that are affected by a vulnerability: - A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's...