23 matches found
AlmaLinux 10 : qt6-qtsvg (ALSA-2025:22394)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:22394 advisory. qtsvg: Uncontrolled recursion in Qt SVG module (CVE-2025-10728). Tenable has extracted the preceding description block directly from the AlmaLinux security advisory...
Oracle Linux 10 : qt6-qtsvg (ELSA-2025-22394)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-22394 advisory. - Fix CVE-2025-10728: Replace quadratic cycle check with linear recursion guard to prevent stack overflow. Resolves: RHEL-119719. Tenable has extracted the...
RLSA-2025:22394 Moderate: qt6-qtsvg security update
Scalable Vector Graphics (SVG) is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and displaying SVG drawings in widgets and on other paint devices. Security Fixes: qtsvg: Uncontrolled recursion in Qt SVG module (CVE-2025-10728). For more details...
qt6-qtsvg security update
An update is available for qt6-qtsvg. This update affects Rocky Linux 10. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Scalable Vector Graphics (SVG) is an XML-based language for describing...
RockyLinux 10 : qt6-qtsvg (RLSA-2025:22394)
The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:22394 advisory. qtsvg: Uncontrolled recursion in Qt SVG module (CVE-2025-10728). Tenable has extracted the preceding description block directly from the RockyLinux security...
RHEL 10 : qt6-qtsvg (RHSA-2025:22394)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22394 advisory. Scalable Vector Graphics (SVG) is an XML-based language for describing two-dimensional vector graphics. Qt provides classes for rendering and...
Moderate: Red Hat Security Advisory: qt6-qtsvg security update
An update for qt6-qtsvg is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from...
Moderate: Red Hat Security Advisory: qt6-qtsvg security update
An update for qt6-qtsvg is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available f...
SUSE CVE-2025-10728
When the module renders a Svg file that contains a element, it might end up rendering it recursively leading to stack overflow DoS...
CVE-2025-10728
creationtimestamp | type | source
---|---|---
2025-10-04 01:33:11+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3m2dgtr5exc2o
2025-10-07 05:15:49+00:00 | seen | https://bsky.app/profile/infosec.skyfleet.blue/post/3m2leongtgs2a
2025-10-08 07:00:08+00:00 | seen | ...
CVE-2025-10728
When the module renders a Svg file that contains a element, it might end up rendering it recursively leading to stack overflow DoS...
CVE-2025-10728
When the module renders a Svg file that contains a element, it might end up rendering it recursively leading to stack overflow DoS...
Linux Distros Unpatched Vulnerability : CVE-2016-10728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the toclient direction, it confuses the...
WordPress PostX Plugin <= 4.1.16 is vulnerable to Broken Access Control
Software: PostX; Type: Plugin; Vulnerable versions: <= 4.1.16; Fixed in: 4.1.17; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2024-10728; Patch priority: High; CVSS severity: High (8.8); Developer: Claim ownership; PSID: 29722a758707; Credits: Sean Murphy; Required privilege...
CVE-2024-10728 PostX <= 4.1.16 - Missing Authorization to Arbitrary Plugin Installation/Activation
The Post Grid Gutenberg Blocks and WordPress Blog Plugin – PostX plugin for WordPress is vulnerable to unauthorized plugin installation/activation due to a missing capability check on the 'installrequiredplugincallback' function in all versions up to, and including, 4.1.16. This makes it possible...
SUSE CVE-2016-10728
An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the toclient direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection...
CVE-2020-10728
Affected software: automationbroker/apb container (versions up to and including 2.0.4-1). Root cause: container grants all users sudoer permissions, enabling an unauthorized user with access to the running container to escalate privileges. Impact: data confidentiality, integrity, and system avail...
Reolink Rlc-410W Denial of Service Vulnerability (CNVD-2022-10728)
Reolink RLC-410W is a Wi-Fi security camera from Reolink China. Reolink RLC-410W has a security vulnerability that can be exploited by attackers to cause a denial of service...
[SECURITY] [DLA 1508-1] suricata security update
Package : suricata Version : 2.0.7-2+deb8u1 CVE ID : CVE-2016-10728 CVE-2016-10728 If an ICMPv4 error packet is received as the first packet on a flow in the toclient direction, it can lead to missed TCP/UDP detection in packets arriving afterwards. For Debian 8 "Jessie", this problem has been...
Debian: Security Advisory (DLA-1508-1)
The remote host is missing an update for the Debian...