17 matches found
IBM WebSphere eXtreme Scale 8.6.1.0 < 8.6.1.6 (7277387)
The version of IBM WebSphere eXtreme Scale installed on the remote host is prior to 8.6.1.6. It is, therefore, affected by multiple vulnerabilities as referenced in the 7277387 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of...
MiracleLinux 7 : SDL-1.2.15-15.el7 (AXSA:2019-4397:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-4397:01 advisory. SDL: CVE-2019-13616 not fixed in Asianux Server 7 erratum RHSA-2019:3950 CVE-2019-14906 Tenable has extracted the preceding description block direct...
p5-Catalyst-Authentication-Credential-HTTP -- Insecure source of randomness
perl-catalyst project reports: Catalyst::Authentication::Credential::HTTP versions 1.018 and earlier for Perl generate nonces using the Perl Data::UUID library. Data::UUID does not use a strong cryptographic source for generating UUIDs. Data::UUID returns v3 UUIDs, which are generated from known...
PT-2024-23781
Name of the Vulnerable Software and Affected Versions WordPress versions 5.9 through 5.9.9 WordPress versions 6.0 through 6.0.8 WordPress versions 6.1 through 6.1.6 WordPress versions 6.2 through 6.2.5 WordPress versions 6.3 through 6.3.4 WordPress versions 6.4 through 6.4.4 WordPress versions 6....
SUSE CVE-2020-2758
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ...
SUSE CVE-2020-2951
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
PT-2023-35078 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v5.19 through v6.1.6 Description: A memory leak issue was discovered in the msm mdss parse data bus icc path function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in...
Multiple vulnerabilities in Fuji Electric V-SFT
Overview Multiple vulnerabilities listed below exist in the simulator module contained in the graphic editor "V-SFT" provided by FUJI ELECTRIC CO., LTD. Out-of-bounds Write CWE-787 - CVE-2022-30538 Out-of-bounds Read CWE-125 - CVE-2022-30546 Heap-based Buffer Overflow CWE-122 - CVE-2022-26302 Use...
ZOHO ManageEngine Key Manager Plus 安全漏洞
ZOHO ManageEngine Key Manager Plus is a WEB-based SSH secret key management solution from ZOHO that helps you harden, control, manage, monitor and audit SSH keys across the entire lifecycle of the keys. It provides administrators with the ability to visualize SSH management, helping them to...
Unspecified Vulnerability in Oracle Virtualization VM VirtualBox (CNVD-2020-23400)
Oracle Virtualization is a set of virtualization solutions from Oracle Corporation. The product is used to unify the management of the entire hardware and software system from applications to disks, enabling virtualization from the desktop to the data center.VM VirtualBox is one of the virtual...
CVE-2020-2951
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
CVE-2020-2913
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...
CVE-2020-2748
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ...
UBUNTU-CVE-2020-2902
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle V...
March 5, 2019, update for Access 2010 (KB4018363)
March 5, 2019, update for Access 2010 KB4018363 This article describes update 4018363 for Microsoft Access 2010 that was released on March 5, 2019.Be aware that the update in the Microsoft Download Center applies to the Microsoft Installer .msi-based edition of Office 2010. It doesn't apply to th...
Synology DiskStation Manager Cross-Site Scripting Vulnerability (CNVD-2019-03275)
Synology DiskStation Manager DSM is an operating system for use on Network Storage Servers NAS from Synology. The operating system manages information such as data, files, photos, music, and more. A cross-site scripting vulnerability exists in the info.cgi file in Synology DSM versions prior to...
UBUNTU-CVE-2017-7656
In Eclipse Jetty, versions 9.2.x and older, 9.3.x all configurations, and 9.4.x non-default configuration with RFC2616 compliance enabled, HTTP/0.9 is handled poorly. An HTTP/1 style request line i.e. method space URI space version that declares a version of HTTP/0.9 was accepted and treated as a...