Linux Distros Unpatched Vulnerability : CVE-2018-12886

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - stackprotectprologue in cfgexpand.c and stackprotectepilogue in function.c in GNU Compiler Collection GCC 4.1 through 8 under certain circumstances generate...

Linux Distros Unpatched Vulnerability : CVE-2025-58160

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber wa...

Linux Distros Unpatched Vulnerability : CVE-2015-3154

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CRLF injection vulnerability in Zend\Mail ZendMail in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject...

ROS-20250903-02

The vulnerability in the go-git library is related to input validation errors when processing directory traversal sequences. Exploitation of the vulnerability could allow an attacker acting remotely to perform directory traversal attacks...

Directory Traversal

Overview mobsf is a Mobile Security Framework MobSF is an automated, all-in-one mobile application Android/iOS/Windows pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. Affected versions of this package are vulnerable to Directory...

Security Bulletin: Vulnerabilities Addressed in IBM Tivoli Network Manager IP Edition (ITNM) version 4.2 Fix Pack 23 (4.2.0.23)

Summary Multiple vulnerabilities were addressed in ITNM version 4.2 Fix Pack 23 4.2.0.23 Vulnerability Details CVEID:CVE-2025-21587 DESCRIPTION: An unspecified vulnerability in Java SE related to the Server: DDL component could allow a remote attacker to cause high confidentiality and high...

aide: improper output neutralization enables bypassing

A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...

Cookies and how to bake them: what they are for, associated risks, and what session hijacking has to do with it

When you visit almost any website, you'll see a pop-up asking you to accept, decline, or customize the cookies it collects. Sometimes, it just tells you that cookies are in use by default. We randomly checked 647 websites, and 563 of them displayed cookie notifications. Most of the time, users...

aide: improper output neutralization enables bypassing

A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...

aide: improper output neutralization enables bypassing

A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...

aide: improper output neutralization enables bypassing

A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...

aide: improper output neutralization enables bypassing

A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...

aide: improper output neutralization enables bypassing

A flaw was found in AIDE. This flaw allows an attacker to craft a malicious filename by including terminal escape sequences to hide the addition or removal of the file from the report and tamper with the log output. A local user may exploit this to bypass AIDE's detection of malicious files...

Endress+hauser Ecograph 日志信息泄露漏洞

The Endress+hauser Ecograph is a data logger from Endress+hauser, Switzerland. It is used to securely and completely record and visualize all process sequences. The Endress+hauser Ecograph suffers from a log information disclosure vulnerability that stems from a password disclosure that could lea...

Linux Distros Unpatched Vulnerability : CVE-2025-54484

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch 35a819fa. A...

SUSE CVE-2025-58160

tracing is a framework for instrumenting Rust programs to collect structured, event-based diagnostic information. Prior to version 0.3.20, tracing-subscriber was vulnerable to ANSI escape sequence injection attacks. Untrusted user input containing ANSI escape sequences could be injected into...

Security Bulletin: Multiple Vulnerabilities in IBM Concert Software.

Summary Multiple vulnerabilities were addressed in IBM Concert Software version 2.0.0 Vulnerability Details CVEID:CVE-2015-5305 DESCRIPTION: Directory traversal vulnerability in Kubernetes, as used in Red Hat OpenShift Enterprise 3.0, allows attackers to write to arbitrary files via a crafted...

Alibaba Cloud Linux 3 : 0148: aide (ALINUX3-SA-2025:0148)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2025:0148 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-54389: AIDE is an advanced intrusion...

Linux Distros Unpatched Vulnerability : CVE-2025-41242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Spring Framework MVC applications can be vulnerable to a Path Traversal Vulnerability when deployed on a non-compliant Servlet container. An application can be...

Linux Distros Unpatched Vulnerability : CVE-2025-55193

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Active Record connects classes to relational database tables. Prior to versions 7.1.5.2, 7.2.2.2, and 8.0.2.1, the ID passed to find or similar methods may be...