180 matches found
CVE-2019-8564
A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state...
CVE-2020-3915
A path handling issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to overwrite arbitrary files...
CVE-2020-9934
An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information...
webkitgtk: Race condition allows reading of restricted memory
A race condition was addressed with additional validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. An application may be able to read restricted memory...
SUSE-SU-2020:2304-1 Security update for grub2
This update for grub2 fixes the following issues: - CVE-2020-15705: Fail kernel validation without shim protocol bsc1174421. - Add fibre channel device's ofpath support to grub-ofpathname and search hint to speed up root device discovery bsc1172745...
UBUNTU-CVE-2020-3898
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. An application may be able to gain elevated privileges...
Huawei EulerOS: Security Advisory for elinks (EulerOS-SA-2019-2574)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-8566
An API issue existed in the handling of microphone data. This issue was addressed with improved validation. This issue is fixed in iOS 12.2. A malicious application may be able to access the microphone without indication to the user...
CVE-2019-8502
An API issue existed in the handling of dictation requests. This issue was addressed with improved validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A malicious application may be able to initiate a Dictation request without user authorization...
SUSE-SU-2019:2798-1 Security update for python3
This update for python3 fixes the following issues: - CVE-2019-16056: Fixed a parser issue in the email module. bsc1149955 - CVE-2018-20852: Fixed an incorrect domain validation that could lead to cookies being sent to the wrong server. bsc1141853...
CVE-2019-1019
A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages. To exploit this vulnerability, an attacker could send a specially crafted authentication request. An attacker who successfully exploited this vulnerability could access...
CVE-2019-6225
A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 12.1.3, macOS Mojave 10.14.3, tvOS 12.1.2. A malicious application may be able to elevate privileges...
CVE-2016-4643
CVE-2016-4643 affects Apple iOS (prior to 9.3.3), tvOS (prior to 9.2.2) and OS X El Capitan (prior to 10.11.6 and Security Update 2016-004). Root cause: a validation issue in the parsing of HTTP 407 responses within CFNetwork Proxies. Consequence (as stated by Apple and CVE references): an attack...
openSUSE: Security Advisory for tboot (openSUSE-SU-2017:3100-1)
The remote host is missing an update for the Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
ALPINE-CVE-2017-15191
In Wireshark 2.4.0 to 2.4.1, 2.2.0 to 2.2.9, and 2.0.0 to 2.0.15, the DMP dissector could crash. This was addressed in epan/dissectors/packet-dmp.c by validating a string length...
ALPINE-CVE-2017-6468
In Wireshark 2.2.0 to 2.2.4 and 2.0.0 to 2.0.10, there is a NetScaler file parser crash, triggered by a malformed capture file. This was addressed in wiretap/netscaler.c by validating the relationship between pages and records...
Unbreakable Enterprise kernel security and bugfix update
kernel-uek 3.8.13-118.13.2 - HID: hiddev: validate numvalues for HIDIOCGUSAGES, HIDIOCSUSAGES commands Scott Bauer Orabug: 24798695 CVE-2016-5829 3.8.13-118.13.1 - Revert 'rds: skip rx/tx work when destroying connection' Brian Maly Orabug: 24790116 3.8.13-118.12.1 - scsisysfs: protect against...
Slackware Advisory SSA:2003-141-04 GnuPG key validation fix
The remote host is missing an update as announced via advisory SSA:2003-141-04. OpenVAS Vulnerability Test $Id: esoftslkssa200314104.nasl 6598 2017-07-07 09:36:44Z cfischer $ Description: Auto-generated from the corresponding slackware advisory Authors: Thomas Reinke Copyright: Copyright c 2012...
php security update
CentOS Errata and Security Advisory CESA-2012:1045 Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base...
GnuPG key validation fix
A key validation bug which results in all user IDs on a given key being treated with the validity of the most-valid user ID on that key has been fixed with the release of GnuPG 1.2.2. We recommend sites using GnuPG upgrade to this new package. For detailed information about the problem, see this...