28 matches found
SUSE SLES15: qemu / qemu-SLOF / qemu-accel-tcg-x86 / qemu-arm / qemu-audio-alsa / etc (SUSE-SU-2026:0043-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0043-1 advisory. Security issues fixed: - CVE-2023-1544: out-of-bounds read in VMWare's paravirtual RDMA device operations can be exploited through ...
PT-2024-4247
Name of the Vulnerable Software and Affected Versions: Mozilla Firefox versions 115.11.0esr-1deb10u1 and earlier, Mozilla Thunderbird versions 115.10.0 and 128.3.0-alt1, Network Security Services NSS. Description: Multiple security issues have been found in Mozilla Firefox, Mozilla Thunderbird, a...
Vulnerabilities fixed in node.js
Vulnerabilities have been fixed in node.js. The vulnerabilities allow a malicious party to launch attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution User Rights Access to system data For the vulnerability with attribute CVE-2021-44906,...
Vulnerability fixed in libgcrypt
The developers of GnuPG have fixed a vulnerability in libgcrypt. The vulnerability is caused by an insecure implementation of ElGamal cryptography. A malicious person could potentially exploit the vulnerability to perform a side-channel attack against data encrypted using ElGamal. Few substantive...
Vulnerabilities fixed in WebKitGTK
Vulnerabilities have been fixed in WebKitGTK. The vulnerabilities allow a malicious person to execute arbitrary code execute under the user's privileges. The malicious party must victim to open a rogue page to exploit these vulnerabilities to be exploited. The developers of WebKitGTK have release...
openSUSE Security Update : libvirt (openSUSE-SU-2015:0006-1)
CVE-2014-8136: libvirt: local denial of service in qemu driver 2bdcd29c-CVE-2014-8136.patch bsc910862 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2015-2. The text description of...
openSUSE Security Update : libreoffice (openSUSE-SU-2014:1412-1)
libreoffice was updated to fix two security issues. These security issues were fixed : - 'Document as E-mail' vulnerability bnc900218. - Impress Remote Control Use-after-Free Vulnerability CVE-2014-3693. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...
openSUSE Security Update : gnumeric (openSUSE-SU-2014:0138-1)
Add gnumeric-CVE-2013-6836.patch: fix Heap-buffer-overflow in mseschergetdata on a fuzzed xls file bnc856254, bgo712772, CVE-2013-6838. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : python-tornado (openSUSE-SU-2012:0755-1)
This update includes several security fixes added in version 2.2.1 and 2.3 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-330. The text description of this plugin is C SUSE LLC...
openSUSE Security Update : python-suds (openSUSE-SU-2013:1208-1)
Python SUDS was updated to create a create random cache tempdir to avoid other local user access bnc827568 CVE-2013-2217 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-590. The...
openSUSE Security Update : sudo (openSUSE-SU-2012:0652-1)
sudo did not always honor the HostList setting in /etc/sudoers properly %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-293. The text description of this plugin is C SUSE LLC...
openSUSE Security Update : libssh (openSUSE-SU-2014:0366-1)
libssh was updated to fix a random generator reseeding issue when forking multiple servers. Forking multiple servers might under some circumstances get them the same random seed state. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...
openSUSE Security Update : python-keystoneclient (openSUSE-SU-2013:1090-1)
This update of python-keystoneclient fixes a security vulnerability. - Add CVE-2013-2013.patch: allow secure user password update CVE-2013-2013, bnc817415. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...
openSUSE Security Update : libxml2 / python-libxml2 (openSUSE-SU-2014:0716-1)
Updated fix for openSUSE-SU-2014:0645-1 because of a regression that caused xmllint to break. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2014-394. The text description of this...
openSUSE Security Update : libcap-ng (openSUSE-SU-2014:0736-1)
Besides other enhancements, this version update contains : - fix for CVE-2014-3215 bnc876832 - use PRSETNONEWPRIVS to prevent gain of new privileges - added libcap-ng-CVE-2014-3215.patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin we...
openSUSE Security Update : rubygem-i18n / rubygem-i18n-0_6 (openSUSE-SU-2013:1930-1)
This update fixes the following security issue with rubygem-i18n : - fix bnc854166: CVE-2013-4492: rubygem-i18n: missing translation XSS. File CVE-2013-4492.patch.i18n.0.6.x contains the fix. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
openSUSE Security Update : jakarta-commons-httpclient (openSUSE-SU-2013:0622-1)
jakarta-commons-httpclient was updated to enhance the fix of bnc803332 / CVE-2012-5783 - also check for subjectAltNames in the certificate. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : telepathy-gabble (openSUSE-SU-2013:0518-1)
telepathy-gabble was updated to fix a remote denial of service attack using NULL ptr dereferences during hashing. CVE-2013-1769. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
openSUSE Security Update : lcms2 (openSUSE-SU-2013:1236-1)
This version update of lcms2 to release 2.5 fixes several security issues plus several other color management bugs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2013-602. The text...
openSUSE Security Update : t1lib (openSUSE-SU-2011:0140-1)
A heap overflow in the AFM font parser of DVI files has been fixed in t1lib. CVE-2010-2642 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update t1lib-3788. The text...