134 matches found
Apache Struts <2.3.1.1 - Remote Code Execution
Apache Struts before 2.3.1.1 is susceptible to remote code execution. When developer mode is used in the DebuggingInterceptor component, a remote attacker can execute arbitrary OGNL commands via unspecified vectors, which can allow for execution of malware, obtaining sensitive information,...
OESA-2026-1849 dovecot security update
Dovecot is an IMAP server for Linux/UNIX-like systemsa wrapper package that will just handle common things for all versioned dovecot packages. Security Fixes: Dovecot has provided a script to use for attachment to text conversion. This script unsafely handles zip-style attachments. Attacker can u...
CVE-2026-0394
creationtimestamp| type| source ---|---|--- 2026-03-27 12:13:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mi23qsvkva2g...
Siemens SIMATIC S7-1500 TM MFP BIOS Missing Encryption of Sensitive Data (CVE-2023-0394)
A NULL pointer dereference flaw was found in rawv6pushpendingframes in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
CVE-2025-0394
creationtimestamp| type| source ---|---|--- 2025-01-14 08:28:47+00:00| seen| https://infosec.exchange/users/cve/statuses/113825764299839192 2025-01-14 09:10:41+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1468 2025-01-14 09:15:52+00:00| seen|...
CVE-2025-0394 Groundhogg <= 3.7.3.5 - Authenticated (Author+) Arbitrary File Upload via gh_big_file_upload Function
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ghbigfileupload function in all versions up to, and including, 3.7.3.5. This makes it possible for...
CVE-2025-0394 Groundhogg <= 3.7.3.5 - Authenticated (Author+) Arbitrary File Upload via gh_big_file_upload Function
The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ghbigfileupload function in all versions up to, and including, 3.7.3.5. This makes it possible for...
Mageia: Security Advisory (MGASA-2024-0394)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Apache Struts 2.0.0 < 2.3.18 RCE (S2-008)
The version of Apache Struts installed on the remote host is prior to 2.3.18. It is, therefore, affected by a vulnerability as referenced in the S2-008 advisory. - The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute...
Photon OS 3.0: Linux PHSA-2023-3.0-0527
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0527. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 4.0: Postgresql14 PHSA-2023-4.0-0394
An update of the postgresql14 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0394. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Citrix Virtual Apps and Desktops Privilege Escalation (CTX678035)
The version of Citrix Virtual Apps and Desktops installed on the remote Windows host is prior to 2402, 1912 LTSR CU9 or 2203 LTSR CU5. It is, therefore, affected by a privilege escalation vulnerability. By exploiting this vulnerability, a local, low-privileged attacker could gain SYSTEM privilege...
openSUSE: Security Advisory for the Linux Kernel (SUSE-SU-2023:0394-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple Linux Kernel vulnerabilities may affect IBM Storage Scale System
Summary There are vulnerabilities in the Linux kernel, used by IBM Storage Scale System, which could allow a denial of service. Fixes for these vulnerabilities are available. Vulnerability Details CVEID:CVE-2023-1195 DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by a...
SUSE SLED12: cluster-md-kmp-default / dlm-kmp-default / gfs2-kmp-default / etc (SUSE-SU-2023:4031-1)
The remote SUSE Linux SLED12 / SLEDSAP12 / SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4031-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to receive various security and bugfixes. The following...
SUSE-SU-2023:1811-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2017-5753: Fixed spectre V1 vulnerability on netlink bsc1209547. - CVE-2017-5753: Fixed spectre vulnerability in prlimit bsc1209256. - CVE-2021-3923: Fixed...
Ubuntu 22.04 LTS : Linux kernel vulnerabilities (USN-6096-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6096-1 advisory. It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread....
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
ALSA-2023:2736 Important: kernel-rt security and bug fix update
The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Security Fixes: use-after-free caused by l2capreassemblesdu in net/bluetooth/l2capcore.c CVE-2022-3564 net/ulp: use-after-free in listening ULP sockets...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2023-1902)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...