RHEL 9 : vim (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - vim: buffer overflow CVE-2020-20703 - vim: Heap based buffer overflow in findfile.c CVE-2021-3973 - vim i...

RHEL 5 : icu (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - icu: Stack based buffer overflow in locid.cpp CVE-2016-7415 - The ulocacceptLanguageFromHTTP function in...

RHEL 5 : nasm (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nasm: double-free vulnerability in pptokline asm/preproc.c CVE-2020-24978 - In Netwide Assembler NASM...

RHEL 8 : file (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - file: out-of-bounds read in docorenote in readelf.c CVE-2019-8906 - docorenote in readelf.c in libmagic.a...

RHEL 7 : libvorbis (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libvorbis: heap buffer overflow in mapping0forward function CVE-2018-10392 - The vorbisanalysiswrote...

RHEL 7 : libjpeg-turbo (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libjpeg-turbo: Stack-based buffer overflow in the transform component CVE-2020-17541 - libjpeg-turbo 1.5....

RHEL 8 : libraw (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - LibRaw: Stack-based buffer overflow in quicktake100loadraw function in internal/dcrawcommon.cpp...

RHEL 5 : gimp (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gimp: Heap-based buffer overflow in readchanneldata function in plug-ins/common/file-psp.c CVE-2017-17789...

RHEL 7 : libtasn1 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libtasn1: Stack-based buffer overflow in asn1findnode CVE-2017-6891 - libtasn1: Out-of-bound access in...

RHEL 7 : gd,_php (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - gd, php: Stack based buffer overflow in dynamicGetbuf CVE-2016-8670 - The dynamicGetbuf function in the G...

RHEL 5 : transfig (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - transfig: Buffer underwrite in read.c:getline via crafted FIG file CVE-2018-16140 - An array index error ...

RHEL 6 : libxml2 (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libxml2: Use after free via namespace node in XPointer ranges CVE-2016-4658 - libxml2: Missing validation...

RHEL 5 : ncurses (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ncurses: Stack-based buffer overflow caused by format string vulnerability in fmtentry function...

RLSA-2024:2512 Low: file security update

The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types, including Executable and Linkable Format ELF binary files, system libraries, RPM packages, and different graphics formats. Security Fixes: file:...

CVE-2024-34942

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand...

CVE-2024-34943

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting...

CVE-2024-34943

CVE-2024-34943 affects Tenda FH1206 router (version 1.2.0.8(8155) EN). The vulnerability is a stack-based buffer overflow in the ip/goform/NatStaticSetting endpoint via the page parameter due to input length validation issues, enabling potential remote code execution or denial of service. Public ...

CVE-2024-34945

Consolidated: CVE-2024-34945 affects Tenda FH1206 (version 1.2.0.8(8155) EN). A stack-based buffer overflow is triggered via the PPW parameter in the ip/goform/WizardHandle endpoint. Reported by multiple sources to potentially allow arbitrary code execution or denial of service; CVSS v3.1 vector ...

CVE-2024-34944

The CVE-2024-34944 affects Tenda FH1206 firmware version 1.2.0.8(8155) EN. A stack-based buffer overflow is triggered via the list1 parameter at the ip/goform/DhcpListClient endpoint due to insufficient input length validation. Impact is high on confidentiality, integrity, and availability (per C...

CVE-2024-34944

Tenda FH1206 V1.2.0.88155EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient...