IID, Inc. Security Vulnerabilities

Dell Client BIOS Multiple Vulnerabilities (DSA-2024-124)

Dell Client Platform BIOS contains multiple Improper Input Validation vulnerabilities in an externally developed component. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution. Note that Nessus has not tested for this issue but has...

Debian DLA-1641-1 : mxml security update

Several stack exhaustion conditions were found in mxml that can easily crash when parsing xml files. CVE-2016-4570 The mxmlDelete function in mxml-node.c allows remote attackers to cause a denial of service (stack consumption) via crafted xml file. CVE-2016-4571 The mxml_write_node function in...

IBM MQ 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD Privilege Escalation (7158072)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158072 advisory. IBM MQ could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. (CVE-2024-31912) Note that...

Hanwha Vision IP Cameras Command Injection (CVE-2023-5747)

Bashis, a Security Researcher at IPVM has found a flaw that allows for a remote code execution during the installation of Wave on the camera device. The Wave server application in camera device was vulnerable to command injection allowing an attacker to run arbitrary code. HanwhaVision has...

Ubuntu 22.04 LTS : Linux kernel (HWE) vulnerabilities (USN-6818-4)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6818-4 advisory. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly validate H2C PDU data, leading to a null pointer...

Ubuntu 20.04 LTS : Linux kernel vulnerabilities (USN-6549-5)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6549-5 advisory. An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in...

Ubuntu 20.04 LTS : Linux kernel (IoT) vulnerabilities (USN-6548-5)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6548-5 advisory. A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne....

Debian DSA-4366-1 : vlc - security update

An integer underflow was discovered in the CAF demuxer of the VLC media...

Debian DLA-1682-1 : uriparser security update

Joergen Ibsen reported an issue with uriparser, a URI parsing library compliant with RFC 3986. An Out-of-bounds read for incomplete URIs with IPv6 addresses with embedded IPv4 address, e.g. '//[::44.1', were possible. For Debian 8 'Jessie', this problem has been fixed in version 0.8.0.1-2+deb8u2......

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : ADOdb vulnerabilities (USN-6825-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6825-1 advisory. It was discovered that the PDO driver in ADOdb was incorrectly handling string quotes. A remote attacker could...

Photon OS 1.0: Linux PHSA-2018-1.0-0132

An update of the linux package has been...

Debian DSA-4371-1 : apt - security update

Max Justicz discovered a vulnerability in APT, the high level package manager. The code handling HTTP redirects in the HTTP transport method doesn't properly sanitize fields transmitted over the wire. This vulnerability could be used by an attacker located as a man-in-the-middle between APT and a.....

RHEL 7 : libvncserver (RHSA-2019:0059)

An update for libvncserver is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability.....

Photon OS 1.0: Libsolv PHSA-2019-1.0-0212

An update of the libsolv package has been...

Photon OS 2.0: Kibana PHSA-2019-2.0-0132

An update of the kibana package has been...

Photon OS 2.0: Keepalived PHSA-2019-2.0-0134

An update of the keepalived package has been...

GLSA-201903-15 : NTP: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201903-15 (NTP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Impact : An attacker could cause a Denial of Service condition,...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : libndp vulnerability (USN-6830-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6830-1 advisory. It was discovered that libndp incorrectly handled certain malformed IPv6 router advertisement packets. A local attacker could...

Exploit for CVE-2023-43115

ghostscript-CVE-2023-43115 A small write-up with examples to...

SolarWinds Serv-U 15.4.2 < 15.4.3

The version of SolarWinds Serv-U installed on the remote host is prior to 15.4.2 HF2. It is, therefore, affected by a vulnerability as referenced in the solarwinds_serv-u_15_4_2_hf_2 advisory. SolarWinds Serv-U was susceptible to a directory transversal vulnerability that would allow access to...

Debian dsa-5715 : composer - security update

The remote Debian 11 / 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5715 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5715-1 [email protected] ...

RHEL 6 : pcs (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. pcs: Cross-Site Request Forgery in web UI (CVE-2016-0720) Session fixation vulnerability in pcsd in pcs...

Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS : PHP vulnerability (USN-6841-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6841-1 advisory. It was discovered that PHP could early return in the filter_var function resulting in invalid user information being treated as...

Ubuntu 20.04 LTS : Linux kernel (GKE) vulnerabilities (USN-6548-4)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6548-4 advisory. A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne....

Google Chrome < 126.0.6478.114 Multiple Vulnerabilities

The version of Google Chrome installed on the remote macOS host is prior to 126.0.6478.114. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024_06_stable-channel-update-for-desktop_18 advisory. Type Confusion in V8. (CVE-2024-6100) Inappropriate implementation in...

Fedora 29 : tmux (2018-e5e93f4c7b)

fixes rhbz #1652128 and #1652127 - CVE-2018-19387 tmux: NULL pointer Dereference in format_cb_pane_tabs in format.c Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean...

GitLab 16.11.0 < 16.11.5 / 17.0.0 < 17.0.3 / 17.1.0 < 17.1.1 (CVE-2024-6323)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Improper authorization in global search in GitLab EE affecting all versions from 16.11 prior to 16.11.5 and 17.0 prior to 17.0.3 and 17.1 prior to 17.1.1 allows an attacker leak content of a private...

IBM MQ 9.3 < 9.3.0.20 LTS / 9.3 < 9.4 CD (7158059)

The version of IBM MQ Server running on the remote host is affected by a vulnerability as referenced in the 7158059 advisory. IBM MQ Console could disclose could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This...

libndp >= 1.0 Buffer Overflow

A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information. Note that Nessus...

Ubuntu 22.04 LTS : Linux kernel (GCP) vulnerabilities (USN-6635-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6635-1 advisory. An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in...

GLSA-201903-09 : GNU C Library: Arbitrary descriptor allocation

The remote host is affected by the vulnerability described in GLSA-201903-09 (GNU C Library: Arbitrary descriptor allocation) A vulnerability was discovered in the GNU C Library functions xdr_bytes and xdr_string. Impact : A remote attacker, by sending a crafted UDP packet, could cause a...

GLSA-201903-01 : Keepalived: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201903-01 (Keepalived: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in keepalived. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could send a specially...

Ivanti Endpoint Manager < 2022 SU4 Privilege Escalation (SA-2023-06-20)

A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with other OS (Operating System) vulnerabilities to escalate privileges on the machine or be used as a...

Ollama < 0.1.34 Improper Input Validation

The version of Ollama installed on the remote host is prior to 0.1.34. It is, therefore, affected by an improper input validation vulnerability. Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the...

Photon OS 1.0: Perl PHSA-2019-1.0-0212

An update of the perl package has been...

Photon OS 2.0: Binutils PHSA-2019-2.0-0134

An update of the binutils package has been...

Ubuntu 22.04 LTS / 23.10 : Linux kernel vulnerabilities (USN-6536-1)

The remote Ubuntu 22.04 LTS / 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6536-1 advisory. A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode...

OpenTelemetry Collector < 0.102.1 DoS

The OpenTelemetry Collector offers a vendor-agnostic implementation on how to receive, process and export telemetry data. An unsafe decompression vulnerability allows unauthenticated attackers to crash the collector via excessive memory consumption. OTel Collector version 0.102.1 fixes this issue.....

Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (July 2016 CPU)

The version of Oracle HTTP Server installed on the remote host is affected by multiple vulnerabilities as noted in the July 2016 CPU...

CVE-2024-1587

The Newsmatic theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.0 via the 'newsmatic_filter_posts_load_tab_content'. This makes it possible for unauthenticated attackers to view draft posts and post...

Debian DLA-1671-1 : coturn security update

Multiple vulnerabilities were discovered in coTURN, a TURN and STUN server for VoIP. CVE-2018-4056 A SQL injection vulnerability was discovered in the coTURN administrator web portal. As the administration web interface is shared with the production, it is unfortunately not possible to easily...

Wireshark 2.4.x < 2.4.12 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is 2.4.x prior to 2.4.12. It is, therefore, affected by multiple denial of service vulnerabilities in the following protocol dissectors: P_MUL RTSE ISAKMP ENIP An attacker could cause Wireshark to crash by injecting a...

Debian dla-3846 : libmojolicious-perl - security update

The remote Debian 10 host has a package installed that is affected by a vulnerability as referenced in the dla-3846 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3846-1 [email protected] ...

VMware Fusion 12.0.x < 12.2.1 Multiple Vulnerabilities (VMSA-2022-0004)

The version of VMware Fusion installed on the remote macOS or Mac OS X host is 12.0.x prior to 12.2.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version...

Debian dsa-5718 : elpa-org - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dsa-5718 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5718-1 [email protected] ...

Debian DLA-1644-1 : policykit-1 security update

Two vulnerabilities were found in Policykit, a framework for managing administrative policies and privileges : CVE-2018-19788 It was discovered that incorrect processing of very high UIDs in Policykit could result in authentication bypass. CVE-2019-6133 Jann Horn of Google found that Policykit...

Wireshark 2.2.x < 2.2.17 / 2.4.x < 2.4.9 / 2.6.x < 2.6.3 Multiple Vulnerabilities (macOS)

The version of Wireshark installed on the remote macOS / Mac OS X host is 2.2.x prior to 2.2.17 / 2.4.x prior to 2.4.9 / 2.6.x prior to 2.6.3. It is, therefore, affected by multiple denial of service vulnerabilities in the following protocol dissectors: Bluetooth Attribute Protocol Radiotap ...

Debian DLA-1670-1 : ghostscript security update

Tavis Ormandy discovered a vulnerability in Ghostscript, the GPL PostScript/PDF interpreter, which may result in denial of service or the execution of arbitrary code if a malformed Postscript file is processed (despite the -dSAFER sandbox being enabled). For Debian 8 'Jessie', this problem has...

Debian DSA-4407-1 : xmltooling - security update

Ross Geerlings discovered that the XMLTooling library didn't correctly handle exceptions on malformed XML declarations, which could result in denial of service against the application using...

ManageEngine OpManager XSS (CVE-2024-36038)

A cross-side scripting vulnerability exists in the configured proxy server for ManageEngine OpManager 12.8.234. A attacker can use this vulnerability to alter the intended functionality of the proxy server, potentially leading to credentials disclosure within a trusted session. Note that Nessus...