The remote host is affected by the vulnerability described in GLSA-202004-06 (GnuTLS: DTLS protocol regression)

    It was discovered that DTLS client did not contribute any randomness to       the DTLS negotiation.
  Impact :

    Please review the referenced advisory for details.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202004-05 (ledger: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in ledger. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could entice a user to process a specially crafted       file using ledger, possibly resulting in execution of arbitrary code with       the privileges of the process or a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202004-04 (Qt WebEngine: Arbitrary code execution)

    A use-after-free vulnerability has been found in the audio component of       Qt WebEngine.
  Impact :

    A remote attacker could entice a user to open a specially crafted media       file in an application linked against Qt WebEngine, possibly resulting in       execution of arbitrary code with the privileges of the process or a       Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202004-03 (GPL Ghostscript: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in GPL Ghostscript. Please       review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could entice a user to process a specially crafted       file using GPL Ghostscript, possibly resulting in execution of arbitrary       code with the privileges of the process or a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202004-02 (VirtualBox: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in VirtualBox. Please       review the CVE identifiers referenced below for details.
  Impact :

    An attacker could take control of VirtualBox resulting in the execution       of arbitrary code with the privileges of the process, a Denial of Service       condition, or other unspecified impacts.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202004-01 (HAProxy: Remote execution of arbitrary code)

    It was discovered that HAProxy incorrectly handled certain HTTP/2       headers.
  Impact :

    A remote attacker could send a specially crafted HTTP/2 header, possibly       resulting in execution of arbitrary code with the privileges of the       process or a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-66 (QEMU: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in QEMU. Please review the       CVE identifiers referenced below for details.
  Impact :

    An attacker could possibly execute arbitrary code with the privileges of       the process or cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-65 (FFmpeg: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in FFmpeg. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could entice a user or automated system using FFmpeg       to process a specially crafted file, resulting in the execution of       arbitrary code or a Denial of Service.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-64 (libxls: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in libxls. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could entice a user to process a specially crafted       Excel file using libxls, possibly resulting in execution of arbitrary       code with the privileges of the process or a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-63 (GNU IDN Library 2: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in GNU IDN Library 2.
      Please review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could send specially crafted input, possibly resulting       in execution of arbitrary code with the privileges of the process,       impersonation of domains or a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-62 (GNU Screen: Buffer overflow)

    A buffer overflow was found in the way GNU Screen treated the special       escape OSC 49.
  Impact :

    A remote attacker, by writing a specially crafted string of characters       to a GNU Screen window, could possibly corrupt memory or have other       unspecified impact.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-61 (Adobe Flash Player: Remote execution of arbitrary code)

    A critical type confusion vulnerability was discovered in Adobe Flash       Player.
  Impact :

    A remote attacker could possibly execute arbitrary code with the       privileges of the process or cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-60 (QtCore: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in QtCore. Please review       the CVE identifiers referenced below for details.
  Impact :

    An attacker could possibly execute arbitrary code with the privileges of       the process or cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-59 (libvpx: User-assisted execution of arbitrary code)

    Multiple vulnerabilities have been discovered in libvpx. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could entice a user to open a specially crafted media       file, possibly resulting in the execution of arbitrary code with the       privileges of the user running the application, or a Denial of Service.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-58 (UnZip: User-assisted execution of arbitrary code)

    Multiple vulnerabilities have been discovered in UnZip. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could entice a user to open a specially crafted ZIP       archive using UnZip, possibly resulting in execution of arbitrary code       with the privileges of the process or a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-57 (PHP: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in PHP. Please review the       CVE identifiers referenced below for details.
  Impact :

    An attacker could possibly execute arbitrary shell commands, cause a       Denial of Service condition or obtain sensitive information.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-56 (Xen: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Xen. Please review the       referenced CVE identifiers for details.
  Impact :

    A local attacker could potentially gain privileges on the host system or       cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-55 (Zsh: Privilege escalation)

    It was discovered that Zsh was insecure dropping privileges when       unsetting PRIVILEGED option.
  Impact :

    An attacker could escalate privileges.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-54 (Pure-FTPd: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Pure-FTPd. Please       review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly cause a Denial of Service condition or       cause an information disclosure.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-53 (Chromium, Google Chrome: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Chromium and Google       Chrome. Please review the referenced CVE identifiers for details.
  Impact :

    A remote attacker could entice a user to open a specially crafted HTML       or multimedia file using Chromium or Google Chrome, possibly resulting in       execution of arbitrary code with the privileges of the process or a       Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-52 (Samba: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Samba. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly execute arbitrary code, cause a Denial       of Service condition, conduct a man-in-the-middle attack, or obtain       sensitive information.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-51 (WeeChat: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in WeeChat. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker, by sending a specially crafted IRC message, could       possibly cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-50 (Tor: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Tor, and tor. Please       review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-49 (BlueZ: Security bypass)

    It was discovered that the HID and HOGP profiles implementations in       BlueZ did not specifically require bonding between the device and the       host.
  Impact :

    A remote attacker with adjacent access could impersonate an existing HID       device, cause a Denial of Service condition or escalate privileges.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-48 (Node.js: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Node.js. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly write arbitrary files, cause a Denial       of Service condition or can conduct HTTP request splitting attacks.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-47 (Exim: Heap-based buffer overflow)

    It was discovered that Exim incorrectly handled certain string       operations.
  Impact :

    A remote attacker, able to connect to a vulnerable Exim instance, could       possibly execute arbitrary code with the privileges of the process or       cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-46 (ClamAV: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in ClamAV. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could cause ClamAV to scan a specially crafted file,       possibly resulting in a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-45 (PyYAML: Arbitrary code execution)

    It was found that using yaml.load() API on untrusted input could lead to       arbitrary code execution.
  Impact :

    A remote attacker could entice a user to process specially crafted input       in an application using yaml.load() from PyYAML, possibly resulting in       execution of arbitrary code with the privileges of the process or a       Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-44 (Binary diff: Heap-based buffer overflow)

    It was discovered that the implementation of bspatch did not check for a       negative value on numbers of bytes read from the diff and extra streams.
  Impact :

    A remote attacker could entice a user to apply a specially crafted patch       using bspatch, possibly resulting in execution of arbitrary code with the       privileges of the process or a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-43 (Apache Tomcat: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Apache Tomcat. Please       review the CVE identifiers referenced below for details.
  Impact :

    An attacker could possibly smuggle HTTP requests or execute arbitrary       code.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-42 (libgit2: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in libgit2. Please review       the CVE identifiers referenced below for details.
  Impact :

    An attacker could possibly overwrite arbitrary paths, execute arbitrary       code, and overwrite files in the .git directory.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-41 (GNU FriBidi: Heap-based buffer overflow)

    A heap-based buffer overflow vulnerability was found in GNU FriBidi.
  Impact :

    A remote attacker could possibly cause a memory corruption, execute       arbitrary code with the privileges of the process or cause a Denial of       Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-40 (Cacti: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Cacti. Please review       the CVE identifiers referenced below for details.
  Impact :

    Remote attackers could execute arbitrary code or bypass intended access       restrictions.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-39 (phpMyAdmin: SQL injection)

    PhpMyAdmin was vulnerable to a SQL injection attack through the       designer feature.
  Impact :

    An authenticated remote attacker, by specifying a specially crafted       database/table name, could trigger a SQL injection attack.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-38 (PECL Imagick: Arbitrary code execution)

    An out-of-bounds write vulnerability was discovered in the Imagick PHP       extension.
  Impact :

    A remote attacker, able to upload specially crafted images which will       get processed by Imagick, could possibly execute arbitrary code with the       privileges of the process or cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-37 (Mozilla Network Security Service: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Mozilla Network       Security Service (NSS). Please review the CVE identifiers referenced       below for details.
  Impact :

    An attacker could execute arbitrary code, cause a Denial of Service       condition or have other unspecified impact.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-36 (libvorbis: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in libvorbis. Please       review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker, by enticing the user to process a specially crafted       audio file, could possibly cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-35 (ProFTPd: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in ProFTPd. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker, by interrupting the data transfer channel, could       possibly execute arbitrary code with the privileges of the process or       cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-34 (Squid: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Squid. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker, by sending a specially crafted request, could       possibly execute arbitrary code with the privileges of the process,       obtain sensitive information or cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-33 (GStreamer Base Plugins: Heap-based buffer overflow)

    It was discovered that GStreamer Base Plugins did not correctly handle       certain malformed RTSP streams.
  Impact :

    A remote attacker could entice a user to open a specially crafted RTSP       stream with a GStreamer application, possibly resulting in the execution       of arbitrary code or a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-32 (Libgcrypt: Side-channel attack)

    A timing attack was found in the way ECCDSA was implemented in       Libgcrypt.
  Impact :

    A local man-in-the-middle attacker, during signature generation, could       possibly recover the private key.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-31 (gdb: Buffer overflow)

    It was discovered that gdb didn&rsquo;t properly validate the ELF section       sizes from input file.
  Impact :

    A remote attacker could entice a user to open a specially crafted ELF       binary using gdb, possibly resulting in information disclosure or a       Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-30 (Git: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Git. Please review the       CVE identifiers referenced below for details.
  Impact :

    An attacker could possibly overwrite arbitrary paths, execute arbitrary       code, and overwrite files in the .git directory.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-29 (cURL: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in cURL. Please review the       CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly execute arbitrary code with the       privileges of the process or cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-28 (libarchive: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in libarchive. Please       review the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could entice a user to open a specially crafted       archive file possibly resulting in the execution of arbitrary code with       the privileges of the process or a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-27 (libssh: Arbitrary command execution)

    It was discovered that libssh incorrectly handled certain scp commands.
  Impact :

    A remote attacker could trick a victim into using a specially crafted       scp command, possibly resulting in the execution of arbitrary commands on       the server.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-26 (Python: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in Python. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker could possibly perform a CRLF injection attack, obtain       sensitive information, trick Python into sending cookies to the wrong       domain or cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-25 (libTIFF: Multiple vulnerabilities)

    Multiple vulnerabilities have been discovered in libTIFF. Please review       the CVE identifiers referenced below for details.
  Impact :

    A remote attacker, by enticing the user to process a specially crafted       TIFF file, could possibly cause a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-24 (file: Heap-based buffer overflow)

    It was discovered that file incorrectly handled certain malformed files.
  Impact :

    A remote attacker could entice a user to process a specially crafted       file via libmagic or file, possibly resulting in execution of arbitrary       code with the privileges of the process or a Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

The remote host is affected by the vulnerability described in GLSA-202003-23 (libjpeg-turbo: User-assisted execution of arbitrary code)

    It was discovered that libjpeg-turbo incorrectly handled certain JPEG       images.
  Impact :

    A remote attacker could entice a user to open a specially crafted JPEG       file in an application linked against libjpeg-turbo, possibly resulting       in execution of arbitrary code with the privileges of the process or a       Denial of Service condition.
  Workaround :

    There is no known workaround at this time.

ID	Name	Severity
135195	GLSA-202004-06 : GnuTLS: DTLS protocol regression	Medium
135116	GLSA-202004-05 : ledger: Multiple vulnerabilities	Medium
135115	GLSA-202004-04 : Qt WebEngine: Arbitrary code execution	Medium
135114	GLSA-202004-03 : GPL Ghostscript: Multiple vulnerabilities	High
135113	GLSA-202004-02 : VirtualBox: Multiple vulnerabilities	Medium
135112	GLSA-202004-01 : HAProxy: Remote execution of arbitrary code	High
135021	GLSA-202003-66 : QEMU: Multiple vulnerabilities	Critical
135020	GLSA-202003-65 : FFmpeg: Multiple vulnerabilities	High
135019	GLSA-202003-64 : libxls: Multiple vulnerabilities	Medium
135018	GLSA-202003-63 : GNU IDN Library 2: Multiple vulnerabilities	High
135017	GLSA-202003-62 : GNU Screen: Buffer overflow	High
134969	GLSA-202003-61 : Adobe Flash Player: Remote execution of arbitrary code	High
134968	GLSA-202003-60 : QtCore: Multiple vulnerabilities	Medium
134967	GLSA-202003-59 : libvpx: User-assisted execution of arbitrary code	Medium
134966	GLSA-202003-58 : UnZip: User-assisted execution of arbitrary code	Medium
134965	GLSA-202003-57 : PHP: Multiple vulnerabilities	High
134964	GLSA-202003-56 : Xen: Multiple vulnerabilities (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)	High
134930	GLSA-202003-55 : Zsh: Privilege escalation	High
134929	GLSA-202003-54 : Pure-FTPd: Multiple vulnerabilities	Medium
134928	GLSA-202003-53 : Chromium, Google Chrome: Multiple vulnerabilities	High
134927	GLSA-202003-52 : Samba: Multiple vulnerabilities	Medium
134926	GLSA-202003-51 : WeeChat: Multiple vulnerabilities	High
134925	GLSA-202003-50 : Tor: Multiple vulnerabilities	Medium
134924	GLSA-202003-49 : BlueZ: Security bypass	Medium
134776	GLSA-202003-48 : Node.js: Multiple vulnerabilities	High
134775	GLSA-202003-47 : Exim: Heap-based buffer overflow	High
134732	GLSA-202003-46 : ClamAV: Multiple vulnerabilities	High
134731	GLSA-202003-45 : PyYAML: Arbitrary code execution	High
134730	GLSA-202003-44 : Binary diff: Heap-based buffer overflow	High
134729	GLSA-202003-43 : Apache Tomcat: Multiple vulnerabilities	High
134728	GLSA-202003-42 : libgit2: Multiple vulnerabilities	High
134727	GLSA-202003-41 : GNU FriBidi: Heap-based buffer overflow	Medium
134726	GLSA-202003-40 : Cacti: Multiple vulnerabilities	High
134725	GLSA-202003-39 : phpMyAdmin: SQL injection	High
134724	GLSA-202003-38 : PECL Imagick: Arbitrary code execution	High
134643	GLSA-202003-37 : Mozilla Network Security Service: Multiple vulnerabilities	Medium
134642	GLSA-202003-36 : libvorbis: Multiple vulnerabilities	Medium
134641	GLSA-202003-35 : ProFTPd: Multiple vulnerabilities	High
134640	GLSA-202003-34 : Squid: Multiple vulnerabilities	High
134610	GLSA-202003-33 : GStreamer Base Plugins: Heap-based buffer overflow	Medium
134609	GLSA-202003-32 : Libgcrypt: Side-channel attack	Medium
134608	GLSA-202003-31 : gdb: Buffer overflow	Medium
134607	GLSA-202003-30 : Git: Multiple vulnerabilities	High
134606	GLSA-202003-29 : cURL: Multiple vulnerabilities	High
134605	GLSA-202003-28 : libarchive: Multiple vulnerabilities	Medium
134604	GLSA-202003-27 : libssh: Arbitrary command execution	High
134603	GLSA-202003-26 : Python: Multiple vulnerabilities	Medium
134602	GLSA-202003-25 : libTIFF: Multiple vulnerabilities	Medium
134601	GLSA-202003-24 : file: Heap-based buffer overflow	High
134600	GLSA-202003-23 : libjpeg-turbo: User-assisted execution of arbitrary code	High

Gentoo Local Security Checks Family for Nessus