239 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-8700
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitabl...
CVE-2026-8700
Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage...
CVE-2019-25546
NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by pasting a 1000-byte buffer into the Share Name parameter when adding a new shar...
CVE-2019-25547
NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious buffer of 512 bytes into the 'Add a website or keyword to be filtered' field and trigger a crash...
CVE-2019-25547 NetAware 1.20 Denial of Service via Add Block Buffer Overflow
NetAware 1.20 contains a buffer overflow vulnerability in the User Blocking feature that allows local attackers to crash the application by supplying oversized input. Attackers can paste a malicious buffer of 512 bytes into the 'Add a website or keyword to be filtered' field and trigger a crash...
CVE-2019-25546
NetAware 1.20 contains a buffer overflow vulnerability in the Share Name field that allows local attackers to crash the application by supplying an excessively long string. Attackers can trigger a denial of service by pasting a 1000-byte buffer into the Share Name parameter when adding a new shar...
Infiltration Systems NetAware Buffer Error Vulnerability
Infiltration Systems NetAware is a network management tool developed by Invasion Systems Corporation, designed to monitor computer network activities and application usage. Version 1.20 of Infiltration Systems NetAware contains a buffer error vulnerability. This vulnerability stems from a buffer...
Infiltration Systems NetAware Buffer Error Vulnerability
Infiltration Systems NetAware is a network management tool developed by Invasion Systems Corporation, designed to monitor computer network activities and application usage. Version 1.20 of Infiltration Systems NetAware contains a buffer error vulnerability. This vulnerability stems from a buffer...
PT-2026-5718
Name of the Vulnerable Software and Affected Versions: OpenTelemetry-Go versions 1.20.0 through 1.39.0. Description: The OpenTelemetry Go SDK versions 1.20.0 through 1.39.0 are susceptible to a path hijacking issue on macOS/Darwin systems. The resource detection code in sdk/resource/host_id.go...
MiracleLinux 8 : nginx:1.20 (AXSA:2023-6513:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6513:01 advisory. - HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack (Rapid Reset Attack) (CVE-2023-44487). Tenable has extracted the preceding description...
OESA-2026-1008 crun security update
crun is a fast and low-memory footprint OCI Container Runtime fully written in C. Security Fixes: crun is an open source OCI Container Runtime fully written in C. In affected versions, a malicious container image could trick the krun handler into escaping the root filesystem, allowing file creatio...
EUVD-2005-3679
Malware in sbrugna...
EUVD-2022-2706
Malicious code in bioql PyPI...
EUVD-2025-24736
Malicious code in bioql PyPI...
PT-2025-39924
Name of the Vulnerable Software and Affected Versions: Tapo D230S1 versions prior to 1.2.2 Build 20250907. Description: An attacker may gain root access by connecting to the UART port. This requires physical access to the device. Recommendations: Update to version 1.2.2 Build 20250907 or later...
BIT-TEMPORAL-2023-3485 Insecure Default Authorization in Temporal Server
Insecure defaults in open-source Temporal Server before version 1.20 on all platforms allows an attacker to craft a task token with access to a namespace other than the one specified in the request. Creation of this task token must be done outside of the normal Temporal server flow. It requires t...
WordPress Portfolio Manager Lite plugin <= 1.20 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO (Patchstack Alliance) in WordPress Plugin Portfolio Manager Lite (versions <= 1.20)...
CVE-2025-58156
Centurion ERP is an ERP with a focus on ITSM and automation. In versions starting from 1.12.0 to before 1.21.0, an authenticated user can view all authentication token details within the database. This includes the actual token, although only the hashed token. This does not include any un-hashed...
CVE-2025-58156
CVE-2025-58156 (Centurion ERP) affects Centurion ERP versions 1.12.0 to before 1.21.0. An authenticated user could view token details in the database, including the actual token in hashed form (no unhashed tokens were viewable). The issue has been patched in version 1.21.0. A workaround that disa...
Linux Distros Unpatched Vulnerability : CVE-2020-26890
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote...