MiracleLinux 3 : gnupg-1.4.5-18.AXS3.1 (AXSA:2014-247:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-247:01 advisory. GnuPG GNU Privacy Guard is a GNU utility for encrypting data and creating digital signatures. GnuPG has advanced key management capabilities and is compliant...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003677)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003677 advisory. Jonathan Looney discovered that the TCP retransmission queue implementation in tcpfragment in the Linux kernel could be fragmented when handling certain TCP Selectiv...

MiracleLinux 7 : ruby-2.0.0.648-33.0.1.el7.AXS7 (AXSA:2018-2583:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2583:01 advisory. It was discovered that the Net::FTP module did not properly process filenames in combination with certain operations. A remote attacker could exploi...

MiracleLinux 4 : spice-gtk-0.20-11.AXS4 (AXSA:2014-014:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2014-014:01 advisory. Client libraries for SPICE desktop servers. Security issues fixed with this release: CVE-2013-4324 spice-gtk 0.14, and possibly other versions, invokes the...

MiracleLinux 7 : curl-7.29.0-25.0.1.el7.AXS7 (AXSA:2015-843:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-843:01 advisory. curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FIL...

openSUSE 16 Security Update : tomcat (openSUSE-SU-2026:20034-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20034-1 advisory. - Update to Tomcat 9.0.111 - Security fixes: - CVE-2025-55752: directory traversal via rewrite with possible RCE if PUT is enabled bsc1252753. -...

MiracleLinux 3 : firefox-31.2.0-3.0.1.AXS3 (AXSA:2014-594:07)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-594:07 advisory. Description : Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed wi...

MiracleLinux 3 : httpd-2.2.3-76.0.1.AXS3 (AXSA:2013-45:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-45:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2008-0455 Cross-site scriptin...

MiracleLinux 4 : php-5.3.3-22.AXS4 (AXSA:2013-117:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-117:01 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers...

MiracleLinux 3 : php-5.1.6-43.0.1.AXS3 (AXSA:2014-315:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-315:01 advisory. PHP is an HTML-embedded scripting language that allows developers to write dynamically generated web pages. PHP is ideal for writing database-enabled...

HTTP Request Smuggling

Overview io.vertx:vertx-core is a tool-kit for building reactive applications on the JVM. Affected versions of this package are vulnerable to HTTP Request Smuggling due to improper handling of / in the output buffer by removeDots function in Static Handler. An attacker can prevent access to stati...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal via the Delete function. An attacker can delete arbitrary files on the server by submitting crafted path traversal sequences in the path parameter. Details A Directory Traversal attack also known as path traversal ai...

7 Reasons to Get Certified in API Security

API security is becoming more important by the day and skilled practitioners are in high demand. Now’s the time to level up your API security skillset. Wallarm University, our free training course, provides security analysts, engineers, and practitioners with hands-on skills you can’t get from...

EulerOS 2.0 SP10 : busybox (EulerOS-SA-2026-1021)

According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.CVE-2025-463...

EulerOS 2.0 SP12 : busybox (EulerOS-SA-2026-1064)

According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.CVE-2025-463...

EulerOS 2.0 SP10 : busybox (EulerOS-SA-2026-1042)

According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.CVE-2025-463...

EulerOS 2.0 SP12 : busybox (EulerOS-SA-2026-1084)

According to the versions of the busybox package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences.CVE-2025-463...

Security update for tomcat (important)

openSUSE security update: security update for tomcat ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20034-1 Rating: important References: bsc1252753 bsc1252756 bsc1252905 Cross-References: CVE-2025-55752 CVE-2025-55754 CVE-2025-61795 CVSS scores:...

CVE-2021-47751

CuteEditor for PHP now referred to as Rich Text Editor 6.6 contains a directory traversal vulnerability in the browse template feature that allows attackers to write files to arbitrary web root directories. Attackers can exploit the ServerMapPath function by renaming uploaded HTML files using...

CVE-2022-50939

e107 CMS version 3.2.1 contains a critical file upload vulnerability that allows authenticated administrators to override arbitrary server files through path traversal. The vulnerability exists in the Media Manager's remote URL upload functionality image.php where the uploadcaption parameter is n...