OpenEMR 4.1 - Local File Inclusion

Multiple directory traversal vulnerabilities in OpenEMR 4.1.0 allow remote authenticated users to read arbitrary files via a .. dot dot in the formname parameter to 1 contrib/acog/printform.php; or 2 loadform.php, 3 viewform.php, or 4 trendform.php in interface/patientfile/encounter. id:...

AlmaLinux 8 : glib2 (ALSA-2026:0991)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:0991 advisory. glib: Integer overflow in in gescapeuristring CVE-2025-13601 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...

RockyLinux 8 : glib2 (RLSA-2026:0991)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:0991 advisory. glib: Integer overflow in in gescapeuristring CVE-2025-13601 Tenable has extracted the preceding description block directly from the RockyLinux security advisory...

CVE-2026-0991

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Oracle Linux 8 : glib2 (ELSA-2026-0991)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-0991 advisory. - Add patch for CVE-2025-13601 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not...

EUVD-2022-0991

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2013-0991

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple iTunes before 11.0.3, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and...

CVE-2021-0991

In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for...

CVE-2020-0991

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0760...

CVE-2024-0991

CVE-2024-0991 concerns the Tenda i6 device (firmware version 1.0.0.9(3857)) and targets the httpd component, specifically the formSetCfm function in /goform/setcfm. The vulnerability arises from improper validation of the funcpara1 parameter, causing a stack-based buffer overflow. This allows rem...

CVE-2017-0991

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none...

GHSA-FXRX-5J36-PWG5 Chakra Scripting Engine RCE via Out-of-bounds write

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...

CVE-2022-0991 Insufficient Session Expiration in admidio/admidio

Insufficient Session Expiration in GitHub repository admidio/admidio prior to 4.1.9...

CVE-2022-0991

CVE-2022-0991 affects admidio/admidio prior to 4.1.9 due to insufficient session expiration. The root cause is that changing a password in one session may not terminate other active sessions, potentially allowing continued access. Documented impact includes risk to account security; mitigation is...

CVE-2021-0991

In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for...

CVE-2021-0991

In OnMetadataChangedListener of AdvancedBluetoothDetailsHeaderController.java, there is a possible leak of Bluetooth MAC addresses due to log information disclosure. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for...

CVE-2021-0991

CVE-2021-0991 affects Android 12 via the OnMetadataChangedListener in AdvancedBluetoothDetailsHeaderController.java, causing a log information disclosure that could leak Bluetooth MAC addresses. The root cause is information disclosure through verbose/loggable data, enabling local information dis...

SUSE: Security Advisory (SUSE-SU-2018:0991-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-2RFJ-2MWP-787V Chakra Scripting Engine Out-of-bounds write

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge HTML-based. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who...

RHEL 8 : firefox (RHSA-2021:0991)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:0991 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...