Ragic, Inc. Security Vulnerabilities

Photon OS 1.0: Ruby PHSA-2017-0002

An update of the ruby package has been...

Photon OS 1.0: Ruby PHSA-2017-0034

An update of the ruby package has been...

Photon OS 1.0: Cairo PHSA-2017-0039

An update of the cairo package has been...

Photon OS 1.0: Openldap PHSA-2017-0024

An update of the openldap package has been...

Photon OS 2.0: Libtiff PHSA-2017-2.0-0007

An update of the libtiff package has been...

JVN#29471697: Android App "TP-Link Tether" and "TP-Link Tapo" vulnerable to improper server certificate verification

Android App "TP-Link Tether" and "TP-Link Tapo" provided by TP-LINK GLOBAL INC. are vulnerable to improper server certificate verification (CWE-295). ## Impact A man-in-the-middle attack may allow an attacker to eavesdrop on an encrypted communication. ## Solution Update the application Update the....

Photon OS 2.0: Libgcrypt PHSA-2018-2.0-0091

An update of the libgcrypt package has been...

Photon OS 2.0: Strongswan PHSA-2018-2.0-0086

An update of the strongswan package has been...

Photon OS 2.0: Binutils PHSA-2018-2.0-0021

An update of the binutils package has been...

Photon OS 1.0: Curl PHSA-2018-1.0-0186

An update of the curl package has been...

Photon OS 1.0: Perl PHSA-2018-1.0-0175

An update of the perl package has been...

Photon OS 1.0: Freetype2 PHSA-2018-1.0-0148

An update of the freetype2 package has been...

Photon OS 1.0: Pycrypto PHSA-2018-1.0-0126

An update of the pycrypto package has been...

Photon OS 1.0: Net PHSA-2018-1.0-0126

An update of the net package has been...

Photon OS 2.0: Go PHSA-2018-2.0-0026

An update of the go package has been...

Photon OS 2.0: Go PHSA-2018-2.0-0034

An update of the go package has been...

Photon OS 1.0: Ruby PHSA-2018-1.0-0100

An update of the ruby package has been...

Photon OS 1.0: Go PHSA-2018-1.0-0117

An update of the go package has been...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : snapd vulnerability (USN-4728-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by a vulnerability as referenced in the USN-4728-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

Ubuntu 18.10 : linux-azure vulnerabilities (USN-3878-2)

It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information (host machine kernel memory). (CVE-2018-14625)...

CVE-2023-52739

In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption like the following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304ca...

Kaseya Virtual System Administrator - Open Redirect

Kaseya Virtual System Administrator 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 are susceptible to an open redirect vulnerability. An attacker can redirect users to arbitrary web sites and conduct phishing attacks via unspecified...

Photon OS 1.0: Wget PHSA-2017-0023

An update of the wget package has been...

Photon OS 1.0: Curl PHSA-2017-0044

An update of the curl package has been...

Photon OS 2.0: Libjpeg PHSA-2017-2.0-0007

An update of the libjpeg package has been...

Photon OS 1.0: Systemd PHSA-2017-0041

An update of the systemd package has been...

Photon OS 1.0: Tcpdump PHSA-2017-0033

An update of the tcpdump package has been...

Debian DSA-4382-1 : rssh - security update

Nick Cleaton discovered two vulnerabilities in rssh, a restricted shell that allows users to perform only scp, sftp, cvs, svnserve (Subversion), rdist and/or rsync operations. Missing validation in the rsync support could result in the bypass of this restriction, allowing the execution of...

Dell Client BIOS Incorrect Authorization (DSA-2024-122)

Dell Client Platform contains an incorrect authorization vulnerability. An attacker with physical access to the system could potentially exploit this vulnerability by bypassing BIOS authorization to modify settings in the BIOS. Note that Nessus has not tested for this issue but has instead relied.....

Ubuntu 22.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6497-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6497-1 advisory. A flaw was found in KVM. An improper check in svm_set_x2apic_msr_interception() may allow direct access to host x2apic msrs when the guest resets...

Photon OS 1.0: Shadow PHSA-2018-1.0-0171

An update of the shadow package has been...

Photon OS 1.0: Binutils PHSA-2018-1.0-0112

An update of the binutils package has been...

Photon OS 2.0: Wget PHSA-2017-2.0-0008

An update of the wget package has been...

Photon OS 2.0: Gettext PHSA-2018-2.0-0116

An update of the gettext package has been...

Photon OS 2.0: Perl PHSA-2018-2.0-0084

An update of the perl package has been...

Photon OS 2.0: Freetype2 PHSA-2018-2.0-0058

An update of the freetype2 package has been...

Photon OS 2.0: Librelp PHSA-2018-2.0-0039

An update of the librelp package has been...

Photon OS 2.0: Libtiff PHSA-2018-2.0-0016

An update of the libtiff package has been...

Photon OS 2.0: Rsync PHSA-2018-2.0-0009

An update of the rsync package has been...

Photon OS 1.0: Redis PHSA-2018-1.0-0156

An update of the redis package has been...

Photon OS 1.0: Rsync PHSA-2018-1.0-0096

An update of the rsync package has been...

Photon OS 2.0: Shadow PHSA-2018-2.0-0080

An update of the shadow package has been...

Photon OS 2.0: Libtiff PHSA-2018-2.0-0048

An update of the libtiff package has been...

Photon OS 2.0: Curl PHSA-2018-2.0-0009

An update of the curl package has been...

Ubuntu 20.04 LTS / 22.04 LTS : matio vulnerability (USN-6829-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6829-1 advisory. It was discovered that matio incorrectly handled certain malformed files. An attacker could possibly use this issue to cause a denial of service. ...

Ubuntu 20.04 LTS : Git vulnerability (USN-6793-2)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6793-2 advisory. USN-6793-1 fixed vulnerabilities in Git. The CVE-2024-32002 was pending further investigation. This update fixes the problem. Original advisory details: It...

CVE-2022-40538

Transient DOS due to reachable assertion in modem while processing sib with incorrect values from...

Debian DLA-1656-1 : agg security update

A stack overflow vulnerability was discovered in AGG, the AntiGrain Geometry graphical toolkit, that may lead to code execution if a malformed file is processed. Since AGG only provides a static library, the desmume and exactimage packages were rebuilt against the latest security update. For...

Slackware 14.1 / 14.2 : mariadb (SSA:2019-032-01)

New mariadb packages are available for Slackware 14.1 and 14.2 to fix security...

Debian DSA-4379-1 : golang-1.7 - security update

A vulnerability was discovered in the implementation of the P-521 and P-384 elliptic curves, which could result in denial of service and in some cases key recovery. In addition this update fixes a vulnerability in 'go get', which could result in the execution of arbitrary shell...