CVE-2019-18377

Symantec Messaging Gateway, prior to 10.7.3, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user...

Exploit for CVE-2025-57176

CVE-2025-57176 CVE-2025-57176 -...

CVE-2025-57176

On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption metadata only with file contents...

CVE-2025-57174

An issue was discovered in Siklu Communications Etherhaul 8010TX and 1200FX devices, Firmware 7.4.0 through 10.7.3 and possibly other previous versions. The rfpiped service listening on TCP port 555 which uses static AES encryption keys hardcoded in the binary. These keys are identical across all...

CVE-2025-57176

On Ceragon Networks / Siklu Communication EtherHaul and MultiHaul Series microwave antennas before 2026-03-10, the rfpiped service on TCP port 555 allows unauthenticated file uploads to any writable location on the device. File upload packets use weak encryption metadata only with file contents...

Ceragon EtherHaul series 代码问题漏洞

The Ceragon EtherHaul series is a point-to-point infinite link device from Ceragon USA. A security vulnerability exists in the Ceragon EtherHaul series versions 7.4.0 through 10.7.3, which stems from the rfpiped service not performing authentication or path validation, which could result in...

DoS (Denial of Service) Third-Party Dependency in Jira Software Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 9.12.0, 10.3.0, and 10.7.1 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

Tenable Nessus Agent < 10.7.3 and earlier Multiple Vulnerabilities (TNS-2024-14)

According to its self-reported version, the Tenable Nessus Agent running on the remote host is prior to 10.7.2 and earlier. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2024-14 advisory. - Nessus Agent leverages third-party software to help provide underlying...

OPENSUSE-SU-2024:11867-1 libmariadbd-devel-10.7.3-1.1 on GA media

These are all security issues fixed in the libmariadbd-devel-10.7.3-1.1 package on the GA media of openSUSE Tumbleweed...

Tenable Nessus Multiple Vulnerabilities (TNS-2024-08)

Tenable Nessus is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:tenable:nessus"; ifdescripti...

CVE-2024-3289

When installing Nessus to a directory outside of the default location on a Windows host, Nessus versions prior to 10.7.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation...

[R1] Nessus Version 10.7.3 Fixes Multiple Vulnerabilities

R1 Nessus Version 10.7.3 Fixes Multiple Vulnerabilities Arnie Cabral Wed, 05/15/2024 - 11:01 Two separate vulnerabilities were discovered, reported and fixed: When installing Nessus to a directory outside of the default location on a Windows host, Nessus versions prior to 10.7.3 did not enforce...

About the security content of Logic Pro 10.7.3

About the security content of Logic Pro 10.7.3 This document describes the security content of Logic Pro 10.7.3. About Apple security updates For our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are...

MariaDB 10.7.0 < 10.7.3 Multiple Vulnerabilities

The version of MariaDB installed on the remote host is prior to 10.7.3. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.7.3 advisory. - MariaDB through 10.5.9 allows an application crash via certain long SELECT DISTINCT statements that improperly interact with...

MariaDB DoS Vulnerability (MDEV-25766) - Windows

MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...

MariaDB DoS Vulnerability (MDEV-25787) - Linux

MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...

MariaDB DoS Vulnerability (MDEV-25636) - Linux

MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...

MariaDB DoS Vulnerability (MDEV-26351) - Linux

MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...

CVE-2021-29490

Jellyfin is a free software media system that provides media from a dedicated server to end-user devices via multiple apps. Verions prior to 10.7.3 vulnerable to unauthenticated Server-Side Request Forgery SSRF attacks via the imageUrl parameter. This issue potentially exposes both internal and...

CVE-2021-29490

Jellyfin is a free software media system that provides media from a dedicated server to end-user devices via multiple apps. Verions prior to 10.7.3 vulnerable to unauthenticated Server-Side Request Forgery SSRF attacks via the imageUrl parameter. This issue potentially exposes both internal and...