RHEL 7 : libjpeg-turbo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libjpeg-turbo: Stack-based buffer overflow in the transform component CVE-2020-17541 - libjpeg-turbo 1.5....

RHEL 6 : ncurses (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ncurses: Stack-based buffer overflow caused by format string vulnerability in fmtentry function...

RHEL 8 : file (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - file: out-of-bounds read in docorenote in readelf.c CVE-2019-8906 - docorenote in readelf.c in libmagic.a...

RHEL 9 : vim (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - vim: buffer overflow CVE-2020-20703 - vim: Heap based buffer overflow in findfile.c CVE-2021-3973 - vim i...

RHEL 5 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nasm: double-free vulnerability in pptokline asm/preproc.c CVE-2020-24978 - In Netwide Assembler NASM...

RHEL 6 : pcre (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - pcre: stack-based buffer overflow write in pcre32copysubstring CVE-2017-7246 - In PCRE 8.41, the OPKETRMA...

RHEL 5 : zsh (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - zsh: buffer overrun in symlinks CVE-2017-18206 - In builtin.c in zsh before 5.4, when sh compatibility mo...

RHEL 7 : libtasn1 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtasn1: Stack-based buffer overflow in asn1findnode CVE-2017-6891 - libtasn1: Out-of-bound access in...

RHEL 5 : python (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - python: Heap overflow in zipimporter module CVE-2016-5636 - python: Stack-based buffer overflow in...

RHEL 7 : mgetty (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mgetty: command injection in faxrunq CVE-2018-16741 - mgetty: Stack-based buffer overflow in faxnotifymai...

RHEL 8 : imagemagick (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ImageMagick: Uninitialized variable in coders/mat.c:ReadMATImageV4 allows for memory corruption...

RHEL 6 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...

RHEL 5 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...

RLSA-2024:2512 Low: file security update

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format ELF binary files, system libraries, RPM packages, and different graphics formats. Security Fixes: file:...

CVE-2024-34942

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand...

CVE-2024-34943

CVE-2024-34943 affects Tenda FH1206 router (version 1.2.0.8(8155) EN). The vulnerability is a stack-based buffer overflow in the ip/goform/NatStaticSetting endpoint via the page parameter due to input length validation issues, enabling potential remote code execution or denial of service. Public ...

CVE-2024-34943

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting...

CVE-2024-34945

Consolidated: CVE-2024-34945 affects Tenda FH1206 (version 1.2.0.8(8155) EN). A stack-based buffer overflow is triggered via the PPW parameter in the ip/goform/WizardHandle endpoint. Reported by multiple sources to potentially allow arbitrary code execution or denial of service; CVSS v3.1 vector ...

CVE-2024-34944

The CVE-2024-34944 affects Tenda FH1206 firmware version 1.2.0.8(8155) EN. A stack-based buffer overflow is triggered via the list1 parameter at the ip/goform/DhcpListClient endpoint due to insufficient input length validation. Impact is high on confidentiality, integrity, and availability (per C...

CVE-2024-34944

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient...