SUSE SLES15 Security Update : qemu (SUSE-SU-2026:0043-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0043-1 advisory. Security issues fixed: - CVE-2023-1544: out-of-bounds read in VMWare's paravirtual RDMA device operations can be exploited through ...

PT-2024-4247

Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 115.11.0esr-1deb10u1 and earlier, Mozilla Thunderbird versions 115.10.0 and 128.3.0-alt1, Network Security Services NSS. Description: Multiple security issues have been found in Mozilla Firefox, Mozilla Thunderbird, a...

Vulnerabilities fixed in node.js

Vulnerabilities have been fixed in node.js. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to system data For the vulnerability with attribute CVE-2021-44906,...

Vulnerability fixed in libgcrypt

The developers of GnuPG have fixed a vulnerability in libgcrypt. The vulnerability is caused by an insecure implementation of ElGamal cryptography. A malicious person could potentially exploit the vulnerability to perform a side-channel attack against data encrypted using ElGamal. Few substantive...

Vulnerabilities fixed in WebKitGTK

Vulnerabilities have been fixed in WebKitGTK. The vulnerabilities allow a malicious person to execute arbitrary code execute under the user's privileges. The malicious party must victim to open a rogue page to exploit these vulnerabilities to be exploited. The developers of WebKitGTK have release...

openSUSE Security Update : libvirt (openSUSE-SU-2015:0006-1)

CVE-2014-8136: libvirt: local denial of service in qemu driver 2bdcd29c-CVE-2014-8136.patch bsc910862 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2015-2. The text description of...

openSUSE Security Update : libreoffice (openSUSE-SU-2014:1412-1)

libreoffice was updated to fix two security issues. These security issues were fixed : - 'Document as E-mail' vulnerability bnc900218. - Impress Remote Control Use-after-Free Vulnerability CVE-2014-3693. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...

openSUSE Security Update : dhcp (openSUSE-SU-2012:1254-1)

Update to ISC dhcp-4.2.4-P2 release, providing a security fix for an issue with the use of lease times was found and fixed. Making certain changes to the end time of an IPv6 lease could cause the server to abort. Thanks to Glen Eustace of Massey University, New Zealand for finding this issue...

openSUSE Security Update : libcap-ng (openSUSE-SU-2014:0736-1)

Besides other enhancements, this version update contains : - fix for CVE-2014-3215 bnc876832 - use PRSETNONEWPRIVS to prevent gain of new privileges - added libcap-ng-CVE-2014-3215.patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...

openSUSE Security Update : rubygem-i18n / rubygem-i18n-0_6 (openSUSE-SU-2013:1930-1)

This update fixes the following security issue with rubygem-i18n : - fix bnc854166: CVE-2013-4492: rubygem-i18n: missing translation XSS. File CVE-2013-4492.patch.i18n.0.6.x contains the fix. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...

openSUSE Security Update : clamav (openSUSE-SU-2011:1177-1)

This version update of clamav fixes a recursion level crash. CVE-2011-3627 was assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update clamav-5308. The text description of this...

openSUSE Security Update : python-tornado (openSUSE-SU-2012:0755-1)

This update includes several security fixes added in version 2.2.1 and 2.3 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-330. The text description of this plugin is C SUSE LLC...

openSUSE Security Update : jakarta-commons-httpclient (openSUSE-SU-2013:0622-1)

jakarta-commons-httpclient was updated to enhance the fix of bnc803332 / CVE-2012-5783 - also check for subjectAltNames in the certificate. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE Security Update : gnumeric (openSUSE-SU-2014:0138-1)

Add gnumeric-CVE-2013-6836.patch: fix Heap-buffer-overflow in mseschergetdata on a fuzzed xls file bnc856254, bgo712772, CVE-2013-6838. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE Security Update : telepathy-gabble (openSUSE-SU-2013:0518-1)

telepathy-gabble was updated to fix a remote denial of service attack using NULL ptr dereferences during hashing. CVE-2013-1769. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

openSUSE Security Update : lcms2 (openSUSE-SU-2013:1236-1)

This version update of lcms2 to release 2.5 fixes several security issues plus several other color management bugs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-602. The text...

openSUSE Security Update : jasper (openSUSE-SU-2011:1328-1)

Specially crafted JPEG2000 files could cause a heap buffer overflow in jasper CVE-2011-4516, CVE-2011-4517 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update jasper-5543. The text description of...

openSUSE Security Update : opera (openSUSE-SU-2011:1314-1)

opera was updated to version 11.60 to fix several security issues %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update opera-5529. The text description of this plugin is C SUSE LLC...

openSUSE Security Update : python-suds (openSUSE-SU-2013:1208-1)

Python SUDS was updated to create a create random cache tempdir to avoid other local user access bnc827568 CVE-2013-2217 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-590. The...

openSUSE Security Update : python-keystoneclient (openSUSE-SU-2013:1090-1)

This update of python-keystoneclient fixes a security vulnerability. - Add CVE-2013-2013.patch: allow secure user password update CVE-2013-2013, bnc817415. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...