CentOS 9 : libssh-0.10.4-12.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the libssh-0.10.4-12.el9 build changelog. - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to...

[SECURITY] Fedora 39 Update: curl-8.2.1-5.fc39

curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FILE, IMA P, SMTP, POP3 and RTSP. curl supports SSL certificates, HTTP POST, HTTP PUT, FTP uploading, HTTP form based upload, proxies, cookies,...

java-21-openjdk security update

1:21.0.3.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.3.0.9-1 - Update to jdk-21.0.3+9 GA - Update release notes to 21.0.3+9 - Switch to GA mode. - Sync the copy of the portable specfile with the latest update - This tarball is embargoed until 2024-04-16 @ 1pm PT. - Resolves:...

SUSE CVE-2024-31581

FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbsh266syntaxtemplate.c. This vulnerability allows attackers to cause undefined behavior within the application...

The vulnerability of the PAN-OS operating system, related to errors in syntax validation during input processing, allows attackers to trigger service failures.

The vulnerability of the PAN-OS operating system is related to errors in syntax validation during input processing. Exploiting this vulnerability allows a malicious actor to trigger a service failure using specially created Windows New Technology LAN Manager NTLM packets from Windows servers...

EulerOS Virtualization 2.10.0 : libssh (EulerOS-SA-2024-1528)

According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attacker...

UBUNTU-CVE-2024-31581

FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbsh266syntaxtemplate.c. This vulnerability allows attackers to cause undefined behavior within the application...

GHSA-G9WG-98C2-QV3V TCPDF Cross-site Scripting vulnerability

TCPDF before 6.7.4 mishandles calls that use HTML syntax...

TCPDF Cross-site Scripting vulnerability

TCPDF before 6.7.4 mishandles calls that use HTML syntax...

DEBIAN-CVE-2024-32489

TCPDF before 6.7.4 mishandles calls that use HTML syntax...

CVE-2024-32489

TCPDF before 6.7.4 mishandles calls that use HTML syntax...

CVE-2024-32489

TCPDF before 6.7.4 mishandles calls that use HTML syntax...

CVE-2024-32489

TCPDF before 6.7.4 mishandles calls that use HTML syntax...

UBUNTU-CVE-2024-32489

TCPDF before 6.7.4 mishandles calls that use HTML syntax...

CVE-2024-32489

TCPDF before 6.7.4 mishandles calls that use HTML syntax...

TCPDF 安全漏洞

TCPDF is an open source library from Tecnick. It is used to generate PDF documents and barcodes. A security vulnerability exists in TCPDF versions prior to 6.7.4, which stems from incorrectly handling calls that use HTML syntax...

CVE-2024-32489

TCPDF vulnerability CVE-2024-32489 involves mishandling calls that use HTML syntax. Connected advisories confirm impact across Debian releases with multiple CVEs in TCPDF and provide versioned fixes: Debian bullseye updates to 6.3.5+dfsg1-1+deb11u1; Debian bookworm fixes to 6.6.2+dfsg1-1+deb12u1;...

CVE-2024-32489

TCPDF before 6.7.4 mishandles calls that use HTML syntax...

CVE-2024-32489

TCPDF before 6.7.4 mishandles calls that use HTML syntax...

XWiki 3.0.1 < 14.10.19, 15.0-rc-1 < 15.5.4, 15.6-rc-1 < 15.9 RCE Vulnerability (GHSA-hf43-47q4-fhq5)

Xwiki is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:xwiki:xwiki";...