36 matches found
RHCOS 3 : OpenShift Container Platform 3.11 (RHSA-2020:0795)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0795 advisory. - atomic-openshift: reflected XSS in authentication flow CVE-2019-3889 Note that Nessus has not tested for this issue but has instead relied...
Azure Linux 3.0 Security Update: junit (CVE-2020-15250)
The version of junit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-15250 advisory. - In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information...
Azure Linux 3.0 Security Update: gsl (CVE-2020-35357)
The version of gsl installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-35357 advisory. - A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL GNU...
Azure Linux 3.0 Security Update: samba (CVE-2020-25719)
The version of samba installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-25719 advisory. - A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name- based...
MiracleLinux 7 : openwsman-2.6.3-7.git4391e5c.el7 (AXSA:2020-623:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-623:01 advisory. openwsman: Infinite loop in processconnection allows denial of service CVE-2019-3833 Tenable has extracted the preceding description block directly from the...
MiracleLinux 8 : httpd:2.4 (AXSA:2020-846:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-846:01 advisory. httpd: Push diary crash on specifically crafted HTTP/2 header CVE-2020-9490 Modularity name: httpd Stream name: 2.4 CVE-2020-9490 Apache HTTP Server versions...
MiracleLinux 7 : openssl-1.0.2k-21.el7 (AXSA:2020-994:04)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-994:04 advisory. openssl: EDIPARTYNAME NULL pointer de-reference CVE-2020-1971 Tenable has extracted the preceding description block directly from the MiracleLinux security...
MiracleLinux 4 : thunderbird-78.5.1-1.AXS4 (AXSA:2020-1010:11)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-1010:11 advisory. Mozilla: Stack overflow due to incorrect parsing of SMTP server response codes CVE-2020-26970 Tenable has extracted the preceding description block directly...
MiracleLinux 8 : qt5, qt5-qtx11extras-5.12.5-1.0.1.el8, qt5-qtxmlpatterns-5.12.5-1.0.1.el8, qt5-5.12.5-3.0.1.el8, sip-4.19.19-1.0.1.el8security fix upate (AXSA:2020-952:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-952:01 advisory. qt: Malformed PPM image causing division by zero and crash in qppmhandler.cpp CVE-2018-19872 qt5-qtsvg: Invalid parsing of malformed url reference...
MiracleLinux 7 : freeradius-3.0.13-15.el7 (AXSA:2020-624:01)
The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-624:01 advisory. freeradius: privilege escalation due to insecure logrotate configuration CVE-2019-10143 freeradius: eap-pwd: Information leak due to aborting when...
MiracleLinux 7 : firefox-78.4.1-1.0.1.el7.AXS7 (AXSA:2020-940:25)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-940:25 advisory. Mozilla: Write side effects in MCallGetProperty opcode not accounted for CVE-2020-26950 Tenable has extracted the preceding description block directly from th...
RHSA-2020:0160
creationtimestamp| type| source ---|---|--- 2025-07-02 12:12:13+00:00| seen| Telegram/VazWcAIxN-1ZxEnU3fC-97KiOQmJtQ802CTOs8zfB01M-ls...
OESA-2025-1280 syslinux security update
The Syslinux Project covers lightweight bootloaders for MS-DOS FAT filesystems SYSLINUX, network booting PXELINUX, bootable "El Torito" CD-ROMs ISOLINUX, and Linux ext2/ext3/ext4 or btrfs filesystems EXTLINUX. The project also includes MEMDISK, a tool to boot legacy operating systems such as DOS...
UBUNTU-CVE-2020-21548
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixelencodehighcolor function in tosixel.c...
UBUNTU-CVE-2020-21533
fig2dev 3.2.7b contains a stack buffer overflow in the readtextobject function in read.c...
UBUNTU-CVE-2020-36427
GNOME gThumb before 3.10.1 allows an application crash via a malformed JPEG image...
CVE-2020-13603
Integer Overflow in memory allocating functions. Zephyr versions = 1.14.2, = 2.4.0 contain Integer Overflow or Wraparound CWE-190. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94vp-8gc2-rm45...
AMNESIA:33. (BSA-2020-1167)
Security Advisory ID: BSA-2020-1167 Component: Open source TCP/IP stacks. Revision: 1.1 Forescout Research Labs discovered 33 vulnerabilities impacting millions of IoT, OT, and IT devices that present an immediate risk for organizations worldwide.These vulnerabilities are named AMNESIA:33. Detail...
@halo-dev/markdown-renderer (>=1.0.0-alpha.11 <=1.0.0-alpha.50), @jx3box/jx3box-bmap (>=0.0.1 <=0.1.15) +119 more potentially affected by CVE-2020-28455 via markdown-it-toc (=1.1.0)
markdown-it-toc NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on markdown-it-toc and may be impacted: - @halo-dev/markdown-renderer =1.0.0-alpha.11, =0.0.1, =1.8.9, =5.4.2, =1.0.3, =0.0.1, =0.1.5, =0.1.0, =0.0.1, =0.1.1, =1.0.6, =0.0....
UBUNTU-CVE-2020-19668
Unverified indexs into the array lead to out of bound access in the gifoutcode function in fromgif.c in libsixel 1.8.6...