49 matches found
System Dashboard < 2.8.15 - Admin+ Path Traversal
The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path, which could allow high privilege users such as admin to perform path traversal attacks and read arbitrary files on the server id: CVE-2024-10708 info: name: System Dashboard 2.8.15 - Admin+ Path...
RockyLinux 9 : gdk-pixbuf2 (RLSA-2026:10708)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:10708 advisory. gdk-pixbuf: Denial of Service via heap-based buffer overflow when processing a specially crafted JPEG image (CVE-2026-5201) Tenable has extracted the...
RHEL 9 : gdk-pixbuf2 (RHSA-2026:10708)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:10708 advisory. The gdk-pixbuf2 packages provide an image loading library that can be extended by loadable modules for new image formats. It is used by toolkits suc...
Exploit for NULL Pointer Dereference in Openbsd Openssh
SSH NEWKEYS Flood PoC CVE-2016-10708 --- Description T...
CVE-2025-10708
The CVE-2025-10708 entry concerns Four-Faith Water Conservancy Informatization Platform 1.0. Affected: an unknown functionality of the files /history/historyDownload.do;usrlogout.do. Root cause: manipulation of the fileName argument leads to path traversal. Impact: remote exploitation is possible...
CVE-2024-10708
The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path, which could allow high privilege users such as admin to perform path traversal attacks and read arbitrary files on the server...
CVE-2016-10708
creationtimestamp | type | source
---|---|---
2025-04-01 08:49:50+00:00 | published-proof-of-concept | https://t.me/MalaysiaHacktivistz/2960
2025-09-30 03:00:06+00:00 | published-proof-of-concept | Telegram/FCv5Reostm8rtH-HSRgck4tEjAMnMY27rDYTCURpPWjExXg
2025-10-01 21:02:25+00:00 | seen | ...
Linux Distros Unpatched Vulnerability : CVE-2016-10708
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message...
CVE-2024-10708
creationtimestamp | type | source
---|---|---
2024-12-10 06:01:01+00:00 | seen | https://infosec.exchange/users/cve/statuses/113627002384730507
2024-12-10 08:16:31+00:00 | seen | https://t.me/cvedetector/12482
2025-10-08 00:18:12+00:00 | confirmed | ...
CVE-2024-10708 System Dashboard < 2.8.15 - Admin+ Path Traversal
The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path, which could allow high privilege users such as admin to perform path traversal attacks and read arbitrary files on the server...
WordPress System Dashboard Plugin < 2.8.15 is vulnerable to Path Traversal
Software: System Dashboard; Type: Plugin; Vulnerable versions: < 2.8.15; Fixed in: 2.8.15; OWASP Top 10: A4: Insecure Design; Classification: Path Traversal; CVE: CVE-2024-10708; Patch priority: Low; CVSS severity: Low 4.9; PSID: 8350df71b2da; Credits: Dogus DEMIRKIRAN; Required privilege...
RHEL 6 : openssh (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openssh: loading of untrusted PKCS11 modules in ssh-agent (CVE-2016-10009) - openssh: scp allows command...
CLSA-2022-1657560108 Fixed CVEs in openssh: CVE-2016-10708, CVE-2016-10012
CVE-2016-10708: fix crash in packet handling code by moving inbound NEWKEYS handling to kex layer - CVE-2016-10012: abandon the fix due to compression mode issues...
USN-3809-2: OpenSSH regression | Cloud Foundry
Severity: Unknown. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 18.04. Description: USN-3809-1 fixed vulnerabilities in OpenSSH. The update for CVE-2018-15473 was incomplete and could introduce a regression in certain environments. This update fixes the problem. We apologize for the...
Ubuntu: Security Advisory (USN-3809-2)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-3809-2: OpenSSH regression
USN-3809-1 fixed vulnerabilities in OpenSSH. The update for CVE-2018-15473 was incomplete and could introduce a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Robert Swiecki discovered that OpenSSH incorrectly...
USN-3809-2 openssh regression
USN-3809-1 fixed vulnerabilities in OpenSSH. The update for CVE-2018-15473 was incomplete and could introduce a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Robert Swiecki discovered that OpenSSH incorrectly...
SUSE: Security Advisory (SUSE-SU-2018:2275-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2018:3540-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2018:2530-1)
The remote host is missing an update for the...