12 matches found
MiracleLinux 8 : shim-unsigned-x64-15.4-4.el8.ML.2 (AXSA:2021-2174:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2174:02 advisory. grub2: acpi command allows privileged user to load crafted ACPI tables when Secure Boot is enabled (CVE-2020-14372); grub2: Use-after-free in rmmod...
EUVD-2022-44430
Malicious code in bioql PyPI...
Memory Leakage
Libtiff.so is vulnerable to Memory Leak. The vulnerability is due to improper memory management due to flaws in the TIFFmallocExt, TIFFCheckRealloc, TIFFHashSetNew, and InitCCITTFax3 functions in tiffcmp.c, which allow local attackers to trigger memory leaks...
webkitgtk: Processing maliciously crafted web content may lead to memory corruption
A flaw was found in WebKitGTK. Processing malicious web content can cause a use-after-free issue due to improper memory management and result in memory corruption...
CVE-2022-41187
Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based...
USN-7332-2: Linux kernel vulnerabilities
Attila Szász discovered that the HFS+ file system implementation in the Linux Kernel contained a heap overflow vulnerability. An attacker could use a specially crafted file system image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code...
CVE-2022-41211
Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces: Re-use of dangling pointer which refers to overwritte...
ROS-20240927-08
A vulnerability in the VideoBridge component of Mozilla Firefox, Firefox ESR and Thunderbird email client browsers is related to errors in security settings. Exploitation of the vulnerability could allow an attacker, acting remotely, to bypass the protection mechanism of an isolated software...
PT-2022-25723 · Sap · Sap 3D Visual Enterprise Viewer
Name of the Vulnerable Software and Affected Versions: SAP 3D Visual Enterprise Viewer version 9. Description: The issue arises due to improper memory management. When a victim opens a manipulated Scalable Vector Graphic (.svg, .svg.x3d) file from untrusted sources, it can trigger a Remote Code...
USN-5167-1 ffmpeg vulnerabilities
It was discovered that FFmpeg did not properly verify certain input when processing video and audio files. An attacker could possibly use this to send specially crafted input to the application, force a division by zero, and cause a denial of service (application crash). (CVE-2020-20445,...
Mandriva Update for krb5 MDVSA-2008:069 (krb5)
Check for the Version of krb5. OpenVAS Vulnerability Test: Mandriva Update for krb5 MDVSA-2008:069 (krb5). Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the ter...
Multiple cgihtml vulnerabilities
Overview: cgihtml is a collection of routines for parsing World Wide Web (WWW) Common Gateway Interface (CGI) input and outputting HyperText Markup Language (HTML). http://www.eekim.com/software/cgihtml/ According to the author's website, it has potentially been used in the implementation of...