SUSE CVE-2015-3165

Double free vulnerability in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 allows remote attackers to cause a denial of service crash by closing an SSL session at a time when the authentication timeout will expire during the session...

SUSE CVE-2019-1559

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

Moderate: qt5-qtbase and qt5-qtwebsockets security and bug fix update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt: XML entity expansion vulnerability CVE-2015-9541 qt5-qtwebsockets: websocket implementation allows only limited size for frames and...

ALSA-2020:4690 Moderate: qt5-qtbase and qt5-qtwebsockets security and bug fix update

Qt is a software toolkit for developing applications. The qt5-base packages contain base tools for string, xml, and network handling in Qt. Security Fixes: qt: XML entity expansion vulnerability CVE-2015-9541 qt5-qtwebsockets: websocket implementation allows only limited size for frames and...

NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Multiple Vulnerabilities (NS-SA-2019-0206)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by multiple vulnerabilities: - The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signin...

openssl: 0-byte record padding oracle

If an application encounters a fatal protocol error and then calls SSLshutdown twice once to send a closenotify, and once to receive one then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received...

SUSE-SU-2019:1608-1 Security update for compat-openssl098

This update for compat-openssl098 fixes the following issues: - CVE-2019-1559: Fix 0-byte record padding oracle via SSLshutdown bsc1127080 - Reject invalid EC point coordinates bsc1131291 - Fixed 'The 9 Lives of Bleichenbacher's CAT: Cache ATtacks on TLS Implementations' bsc1117951...

Fedora 10 : proftpd-1.3.1-8.fc10 (2009-0089)

This update fixes a security issue where an attacker could conduct cross-site request forgery CSRF attacks and execute arbitrary FTP commands. It also fixes some SSL shutdown issues seen with certain clients. Note that Tenable Network Security has extracted the preceding description block directl...

Fedora Core 10 FEDORA-2009-0089 (proftpd)

The remote host is missing an update to proftpd announced via advisory FEDORA-2009-0089. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

Fedora Core 10 FEDORA-2009-0089 (proftpd)

The remote host is missing an update to proftpd announced via advisory FEDORA-2009-0089. OpenVAS Vulnerability Test $Id: fcore20090089.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-0089 proftpd Authors: Thomas Reinke Copyright: Copyright c 2009...

Fedora Core 9 FEDORA-2009-0064 (proftpd)

The remote host is missing an update to proftpd announced via advisory FEDORA-2009-0064. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

Fedora Core 9 FEDORA-2009-0064 (proftpd)

The remote host is missing an update to proftpd announced via advisory FEDORA-2009-0064. OpenVAS Vulnerability Test $Id: fcore20090064.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-0064 proftpd Authors: Thomas Reinke Copyright: Copyright c 2009...

Fedora Core 8 FEDORA-2009-0195 (proftpd)

The remote host is missing an update to proftpd announced via advisory FEDORA-2009-0195. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...