123 matches found
SUSE: Security Advisory (SUSE-SU-2021:3481-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-37608
CVE-2021-37608 affects Apache OFBiz up to and including 17.12.07; it is caused by Unrestricted Upload of File with Dangerous Type, enabling remote command execution. The advisory calls for upgrading to at least 17.12.08 or applying the OFBIZ-12297 patch. Connected sources confirm the vulnerabilit...
APSB21-54 Security update available for Adobe After Effects
Adobe has released an update for Adobe After Effects for Windows and macOS. This update addresses multiple critical and moderate vulnerabilities. Successful exploitation could lead to arbitrary code execution in the context of the current user...
SUSE: Security Advisory (SUSE-SU-2017:3233-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : redis:6 (CESA-2021:2034)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:2034 advisory. - redis: Integer overflow via STRALGO LCS command CVE-2021-29477 Note that Nessus has not tested for this issue but has instead relied only on the application's...
SUSE: Security Advisory (SUSE-SU-2015:1013-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : wpa_supplicant (openSUSE-2021-404)
This update for wpasupplicant fixes the following issues : - CVE-2021-27803: Fixed a P2P provision discovery processing vulnerability bsc1182805. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and package checks in this...
Security update for php7 (moderate)
openSUSE Security Update: Security update for php7 Announcement ID: openSUSE-SU-2021:0101-1 Rating: moderate References: 1180706 Cross-References: CVE-2020-7071 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for php7 fixes t...
EulerOS 2.0 SP2 : libexif (EulerOS-SA-2020-1682)
According to the versions of the libexif package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Most digital cameras produce EXIF files, which are JPEG files with extra tags that contain information about the image. The EXIF library allows...
Moderate: Red Hat Security Advisory: libsndfile security update
An update for libsndfile is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...
FreeBSD : Mbed TLS -- Side channel attack on ECDSA (bf1f47c4-7f1b-11ea-bf94-001cc0382b2f)
Manuel Pegourie-Gonnard reports : An attacker with access to precise enough timing and memory access information typically an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world can fully recover an ECDSA private key after observing a number of signatur...
Win32k Information Disclosure Vulnerability
An information disclosure vulnerability exists when the win32k component improperly provides kernel information. An attacker who successfully exploited the vulnerability could obtain information to further compromise the user’s system. To exploit this vulnerability, an attacker would have to log ...
Photon OS 3.0: Mercurial PHSA-2019-3.0-0015
An update of the mercurial package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0015. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid126116;...
Fedora Update for vim FEDORA-2019-d79f89346c
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Slackware 14.2 / current : wget (SSA:2019-092-02)
New wget packages are available for Slackware 14.2 and -current to fix security issues. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2019-092-02. The text itself is copyright C Slackware Linux, Inc...
Fedora 29 : drupal7 (2018-d3f4eb1f9f)
https://www.drupal.org/project/drupal/releases/7.60 - SA-CORE-2018-006 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 27 : pdns-recursor (2018-76c82b393e)
Upstream released new version - Fix a bunch of CVE's Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora Update for dovecot FEDORA-2018-52d79f4f36
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : postgresql95 (openSUSE-2018-279)
This update for postgresql95 fixes the following issues : Security issue fixed in PostgreSQL 9.5.12 : - CVE-2018-1058: Uncontrolled search path element in pgdump and other client applications boo1081925. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:2924-1)
This update for qemu to version 2.9.1 fixes several issues. It also announces that the qed storage format will be no longer supported in SLE 15 fate324200. These security issues were fixed : - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel rea...