Ubuntu 18.04 LTS / 20.04 LTS : KiCad vulnerabilities (USN-7466-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7466-1 advisory. It was discovered that KiCad incorrectly handled memory when opening malicious files. An attacker could possibly use this issue to cause a...

Linux Distros Unpatched Vulnerability : CVE-2024-42063

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Mark bpf prog stack with kmsanunposionmemory in interpreter mode syzbot reported uninit memory usages during maplookup,deleteelem. ========== BUG: KMSAN:...

ROS-20240409-09

Vulnerability of yasmsectionbcsfirst function of YASM assembler is related to uncontrolled consumption of resources. Exploitation of the vulnerability may allow an attacker to cause a denial of service A vulnerability in the exprdeleteterm function of the YASM assembler is associated with an...

USN-5861-1: Linux kernel (Dell300x) vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...

PT-2021-2639 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling objects in memory within the Windows Event Tracing service, which can allow an attacker to gain unauthorized access to protected information. This...

PT-2020-4320 · Microsoft · Windows Backup Service +1

Name of the Vulnerable Software and Affected Versions: Windows Backup Service affected versions not specified Description: The issue is related to an elevation of privilege vulnerability that exists when the Windows Backup Service improperly handles file operations. To exploit this, an attacker...

PT-2020-4321 · Microsoft · Windows Backup Service +1

Name of the Vulnerable Software and Affected Versions: Windows Backup Service affected versions not specified Description: The issue is related to an elevation of privilege vulnerability that exists when the Windows Backup Service improperly handles file operations. To exploit this, an attacker...

PT-2020-4083 · Microsoft · Windows Gdi +1

Name of the Vulnerable Software and Affected Versions: Windows GDI affected versions not specified Description: The issue is related to errors in handling objects in memory by the Windows Graphics Device Interface GDI. This can allow a remote attacker to execute arbitrary code, potentially giving...

PT-2020-3831 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to errors in handling memory objects in the Windows Network Connection Broker component. It allows an attacker to elevate their privileges using a specially crafted...

PT-2020-3001 · Microsoft · Windows Codecs Library

Name of the Vulnerable Software and Affected Versions: Microsoft Windows Codecs Library affected versions not specified Description: A remote code execution issue exists due to errors in handling objects in memory. This can be exploited by an attacker to execute arbitrary code using a specially...

PT-2020-1632 · Microsoft · Chakracore +1

Name of the Vulnerable Software and Affected Versions: Microsoft Edge ChakraCore affected versions not specified Description: The issue is related to errors in handling objects in memory by the ChakraCore scripting engine. This could allow a remote attacker to execute arbitrary code in the contex...

PT-2020-1658 · Microsoft · Chakracore +1

Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: The issue is related to errors in handling objects in memory by the ChakraCore JavaScript engine. This could allow a remote attacker to execute arbitrary code, potentially gaining th...

PT-2019-3066 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: The issue is related to errors in handling objects in memory by the Chakra scripting engine in Microsoft Edge. This could allow a remote attacker to execute arbitrary code using a...

PT-2019-1776 · Microsoft · Chakracore +1

Name of the Vulnerable Software and Affected Versions: Microsoft Edge affected versions not specified Description: The issue exists due to errors in handling objects in memory by the ChakraCore JavaScript engine. This could allow a remote attacker to execute arbitrary code, potentially gaining th...

Microsoft Windows Multiple Vulnerabilities (KB4056898)

This host is missing an important security update according to Microsoft KB4056898 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Microsoft Edge Multiple Vulnerabilities (3104519)

This host is missing a critical security update according to Microsoft Bulletin MS15-113. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Google Chrome < 34.0.1847.116 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 34.0.1847.116. It is, therefore, affected by the following vulnerabilities : - A use-after-free error exists in the included Flash version that could lead to arbitrary code execution. CVE-2014-0506 - A buffer overflow...

Firefox < 3.0.18 Multiple Vulnerabilities

The installed version of Firefox is earlier than 3.0.18. Such versions are potentially affected by the following security issues : - Multiple crashes can result in arbitrary code execution. MFSA 2010-01 - The implementation of 'Web Workers' contained an error in its handling of array data types...

Fedora 7 : cairo-1.4.14-1.fc7 (2007-3818)

The latest stable upstream release of cairo fixes a number of memory handling errors, rendering errors, and contains some optimizations. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

GLSA-200505-03 : Ethereal: Numerous vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200505-03 Ethereal: Numerous vulnerabilities There are numerous vulnerabilities in versions of Ethereal prior to 0.10.11, including: The ANSI A and DHCP dissectors are vulnerable to format string vulnerabilities. The DISTCC, FCELS...