9 matches found
EUVD-2019-8586
Malware in sbrugna...
RHEL 7 : python-twisted (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - python-twisted: XMPP support in words.protocols.jabber.xmlstream in Twisted does not verify certificates allowing f...
Mageia: Security Advisory (MGASA-2019-0360)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
A Insufficient Verification of Data Authenticity vulnerability in autoyast2 of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows remote attackers to MITM connections when deprecated and unused functionality of autoyast is used to create images. This issue affects: SUSE Linux...
CVE-2019-18905 Deprecated functionality in autoyast2 automatically imports gpg keys without checking them
A Insufficient Verification of Data Authenticity vulnerability in autoyast2 of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows remote attackers to MITM connections when deprecated and unused functionality of autoyast is used to create images. This issue affects: SUSE Linux...
Input validation
A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version...
CVE-2017-14806 Insecure handling of repodata and packages in SUSE Studio onlite
A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version...
MGASA-2019-0360 Updated python-twisted packages fix security vulnerabilities
Updated python-twisted packages fix security vulnerabilities: Improper sanitization of URIs or HTTP which could allow attackers to perform CRLF attacks CVE-2019-12387. In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS,...
Updated python-twisted packages fix security vulnerabilities
Updated python-twisted packages fix security vulnerabilities: Improper sanitization of URIs or HTTP which could allow attackers to perform CRLF attacks CVE-2019-12387. In words.protocols.jabber.xmlstream in Twisted through 19.2.1, XMPP support did not verify certificates when used with TLS,...