MiracleLinux 7 : glibc-2.17-157.el7.4 (AXSA:2017-1702:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1702:02 advisory. The glibc package contains standard libraries which are used by multiple programs on the system. In order to save disk space and memory, as well as to make...

MiracleLinux 4 : firefox-38.5.0-2.0.1.AXS4 (AXSA:2015-961:11)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2015-961:11 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

MiracleLinux 3 : firefox-24.8.0-2.0.1.AXS3 (AXSA:2014-523:05)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-523:05 advisory. Description: Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed wit...

MiracleLinux 7 : gcab-0.7-4.el7 (AXSA:2018-2581:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-2581:01 advisory. gcab: Extracting malformed .cab files causes stack smashing potentially leading to arbitrary code execution CVE-2018-5345 Tenable has extracted the preceding...

AlmaLinux 8 : gnupg2 (ALSA-2026:0728)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0728 advisory. GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write CVE-2025-68973 Tenable has extracted the preceding description...

MiracleLinux 4 : libvirt-0.10.2-64.2.0.1.AXS4 (AXSA:2019-3920:02)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3920:02 advisory. libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API CVE-2019-10161 Tenable has extracted the preceding description block directly from the...

MiracleLinux 3 : kernel-2.6.18-371.3.AXS3 (AXSA:2014-405:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-405:01 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operating...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001078)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001078 advisory. Multiple stack-based buffer overflows in the magicmouserawevent function in drivers/hid/hid-magicmouse.c in the Magic Mouse HID driver in the Linux kernel through...

MiracleLinux 7 : firefox-52.5.0-1.0.1.el7.AXS7 (AXSA:2017-2416:07)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-2416:07 advisory. Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or,...

MiracleLinux 7 : liblouis-2.5.2-12.el7 (AXSA:2017-2462:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2462:02 advisory. A missing fix for one stack-based buffer overflow in findTable for CVE-2014-8184 was discovered. An attacker could cause denial of service or potentially all...

CVE-2025-14237

CVE-2025-14237 is a buffer overflow in the XPS font parsing of Canon Small Office Multifunction Printers and Laser Printers. Affects firmware v06.02 and earlier across multiple Canon lines (Japan/US/Europe). The issue can allow a network attacker to cause a reboot/nonresponsive device or execute ...

CVE-2021-47807

Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious...

CVE-2021-47792 Remote Mouse 4.002 - Unquoted Service Path

Remote Mouse 4.002 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the RemoteMouseService to inject malicious executables and gain administrative access...

GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write

A flaw was found in GnuPG. An attacker can provide crafted input to the armorfilter function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code...

CVE-2026-23512

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, there is a Untrusted Search Path vulnerability when Advanced Options setting is trigger. The application executes notepad.exe without specifying an absolute path when using the Advanced Options setting. On Windows, this allows...

GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write

A flaw was found in GnuPG. An attacker can provide crafted input to the armorfilter function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code...

CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

CVE-2021-47819

ProjeQtOr Project Management 9.1.4 contains a file upload vulnerability that allows guest users to upload malicious PHP files with arbitrary code execution capabilities. Attackers can upload a PHP script through the profile attachment section and execute system commands by accessing the uploaded...

EUVD-2026-2750

ProjeQtOr Project Management 9.1.4 contains a file upload vulnerability that allows guest users to upload malicious PHP files with arbitrary code execution capabilities. Attackers can upload a PHP script through the profile attachment section and execute system commands by accessing the uploaded...

CVE-2021-47775

CVE-2021-47775 affects YouTube Video Grabber (also called YouTube Downloader) version 1.9.9.1. The issue is a buffer overflow that allows arbitrary code execution by overwriting the Structured Exception Handler (SEH). An attacker can craft a 712-byte payload with SEH manipulation to trigger a bin...