RHCOS 3 : OpenShift Container Platform 3.7 (RHSA-2018:1231)

The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1231 advisory. - source-to-image: Improper path sanitization in ExtractTarStreamFromTarReader in tar/tar.go CVE-2018-1102 Note that Nessus has not tested fo...

Security update for the Linux Kernel (Live Patch 48 for SUSE Linux Enterprise 15 SP4)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.194 fixes one security issue The following security issue was fixed: CVE-2026-23209: macvlan: fix error recovery in macvlancommonnewlink bsc1258784. Patch Instructions: To install this SUSE update use the SUSE recommended...

CVE-2020-1231

An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka 'Windows Runtime Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1233, CVE-2020-1235, CVE-2020-1265, CVE-2020-1282, CVE-2020-1304, CVE-2020-1306,...

Ubuntu: Security Advisory (USN-7353-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Devolutions Server < 2024.3.11.0 Improper Password Reset (DEVO-2025-0002)

The version of Devolutions Server installed on the remote host is prior to 2024.3.11.0 and is, therefore, affected by an improper password reset vulnerability: - Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an authenticated user to reuse the oracle us...

CVE-2025-1231

Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an authenticated user to reuse the oracle user password after check-in due to crash in the password reset functionality...

CVE-2025-1231

Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an authenticated user to reuse the oracle user password after check-in due to crash in the password reset functionality...

CVE-2025-1231

creationtimestamp| type| source ---|---|--- 2025-02-11 14:10:15+00:00| seen| https://infosec.exchange/users/cve/statuses/113985651664721282 2025-02-11 14:15:55+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhvtvbtldk2a 2025-02-11 17:22:09+00:00| seen|...

CVE-2025-1231

Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an authenticated user to reuse the oracle user password after check-in due to crash in the password reset functionality...

CVE-2025-1231

The CVE-2025-1231 affects Devolutions Server 2024.3.10.0 and earlier, caused by an improper password reset in the PAM module that lets an authenticated user reuse the oracle password after check-in due to a crash in the password reset flow. Exploitation details are not provided in the documents. ...

CVE-2025-1231

Improper password reset in PAM Module in Devolutions Server 2024.3.10.0 and earlier allows an authenticated user to reuse the oracle user password after check-in due to crash in the password reset functionality...

CVE-2024-1231 CM Download and File Manager < 2.9.0 - Download Unpublish via CSRF

The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack...

CVE-2024-1231 CM Download and File Manager < 2.9.0 - Download Unpublish via CSRF

The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack...

Cisco Nexus 9000 Series Fabric Switches ACI Mode Link Layer Discovery Protocol Port Denial of Service (CVE-2021-1231)

A vulnerability in the Link Layer Discovery Protocol LLDP for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ACI mode could allow an unauthenticated, adjacent attacker to disable switching on a small form-factor pluggable SFP interface. This vulnerability is due to...

Microsoft Edge (Chromium-Based) Multiple Vulnerabilities (Mar 2023)

This host is missing an important security update according to Microsoft Edge Chromium-Based updates. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

OPENSUSE-SU-2023:0068-1 Security update for chromium

This update for chromium fixes the following issues: Chromium 111.0.5563.64 New View Transitions API CSS Color Level 4 New developer tools in style panel for color functionality CSS added trigonometric functions, additional root font units and extended the n-th child pseudo selector. previousslid...

KLA48544 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, gain privileges, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Policy enforcement...

Updated chromium-browser-stable packages fix security vulnerability

High CVE-2023-1213: Use after free in Swiftshader. Reported by Jaehun Jeong@n3sk of Theori on 2023-01-30 High CVE-2023-1214: Type Confusion in V8. Reported by Man Yue Mo of GitHub Security Lab on 2023-02-03 High CVE-2023-1215: Type Confusion in CSS. Reported by Anonymous on 2023-02-17 High...

Debian: Security Advisory (DSA-5371-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-1231

CVE-2023-1231 describes an issue in Google Chrome on Android where the Autofill implementation allowed a crafted HTML page to spoof the omnibox contents. The vulnerability is tied to Chromium’s Autofill logic and is described as an inappropriate implementation, with a CVSS v3.1 base score of 4.3 ...