91 matches found
Ubuntu 18.04 LTS : Linux kernel (Azure) vulnerabilities (USN-5774-1)
The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5774-1 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential...
pyRdfa3 Cross-site Scripting vulnerability
A vulnerability was found in RDFlib pyrdfa3 and classified as problematic. This issue affects the function getoption of the file pyRdfa/init.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is ffd1d62dd50d5f4190013b39cedcdfbd81f3ce3e...
Ubuntu 16.04 ESM : Linux kernel vulnerabilities (USN-5757-2)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5757-2 advisory. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential...
CVE-2022-3943
A vulnerability was found in ForU CMS. It has been classified as problematic. Affected is an unknown function of the file cmschip.php. The manipulation of the argument name leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public an...
SUSE SLES15 Security Update : xorg-x11-server (SUSE-SU-2022:3850-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3850-1 advisory. - A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function GetCountedString...
CVE-2013-10001 HTC One/Sense Mail Client certificate validation
A vulnerability was found in HTC One/Sense 4.x. It has been rated as problematic. Affected by this issue is the certification validation of the mail client. An exploit has been disclosed to the public and may be used...
USN-4298-1 sqlite3 vulnerabilities
It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-13734, CVE-2019-13750, CVE-2019-13753) It was discovered that SQLite incorrectly handle...
Fedora 25 : libwmf (2017-d361de1a65)
Related: CVE-2017-6362 remove problematic function Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...
glibc security update
2.17-106.0.1.4 - Remove strstr and strcasestr implementations using sse4.2 instructions. - Upstream commits 584b18eb4df61ccd447db2dfe8c8a7901f8c8598 and 1818483b15d22016b0eae41d37ee91cc87b37510 backported. 2.17-106.4 - Revert problematic libresolv change, not needed for the CVE-2015-7547 fix...
CVE-2014-3406
Race condition in the IP logging feature in Cisco Intrusion Prevention System (IPS) Software 7.17E4 and earlier allows remote attackers to cause a denial of service (device reload) via crafted IP traffic that matches a problematic rule, aka Bug ID CSCud82085...
DEBIAN-CVE-2007-1661
Perl-Compatible Regular Expression PCRE library before 7.3 backtracks too far when matching certain input bytes against some regex patterns in non-UTF-8 mode, which allows context-dependent attackers to obtain sensitive information or cause a denial of service crash, as demonstrated by the "\X?\d...