17 matches found
openSUSE 16 Security Update : python-pytest-html (openSUSE-SU-2026:21312-1)
The remote openSUSE 16 host has a package installed that is affected by a vulnerability as referenced in the openSUSE- SU-2026:21312-1 advisory. Changes in python-pytest-html: - Revendor updating brace-expansion: - force brace-expansion minimum version to fix CVE-2026-13149 bsc1269923 Tenable has...
OPENSUSE-SU-2026:21312-1 Security update for python-pytest-html
This update for python-pytest-html fixes the following issues: Changes in python-pytest-html: - Revendor updating brace-expansion: - force brace-expansion minimum version to fix CVE-2026-13149 bsc1269923...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs24: nodejs24-24.18.0-0.2.hum1 aarch64, x8664 nodejs24-bin-24.18.0-0.2.hum1 noarch nodejs24-devel-24.18.0-0.2.hum1 aarch64, x8664 nodejs24-docs-24.18.0-0.2.hum1 noarch...
SUSE CVE-2026-13149
brace-expansion through 5.0.6 is vulnerable to denial of service. The expand function exhibits exponential-time complexity in the number of consecutive non-expanding '' brace groups. An attacker who passes a crafted string to expand, directly or transitively, can cause significant CPU consumption...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs Security Update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs26: nodejs26-26.4.0-1.3.hum1 aarch64, x8664 nodejs26-bin-26.4.0-1.3.hum1 noarch nodejs26-devel-26.4.0-1.3.hum1 aarch64, x8664 nodejs26-docs-26.4.0-1.3.hum1 noarch...
CVE-2026-13149
creationtimestamp| type| source ---|---|--- 2026-06-30 10:02:33+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mpiqqalrc32y...
CVE-2025-13149
creationtimestamp| type| source ---|---|--- 2025-11-21 10:21:02+00:00| seen| https://gist.github.com/Darkcrai86/85f88a518ebc5d2bb4f90053e9242d81...
CVE-2024-13149
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 200 - Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Arma Store Armalife allows SQL Injection.This issue affects Armalife: through 20250916. NOTE: The vendor did not inform about...
CVE-2024-13149
creationtimestamp| type| source ---|---|--- 2025-09-16 17:47:53+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyxuw4ji7j2c...
CVE-2024-13149
CVE-2024-13149 affects Armalife (Arma Store) with a SQL Injection due to improper neutralization of special elements in SQL commands. Reports indicate the vulnerability impacts Armalife through 20250916. The; vendor did not communicate completion of a fix within the specified time, and no concret...
CVE-2020-13149
Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the Recommended App binary...
CVE-2020-13149
Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the Recommended App binary...
CVE-2020-13149
Dragon Center (MSI) on MSI Gaming laptops is affected by CVE-2020-13149 due to weak ACLs on the %PROGRAMDATA%\MSI\Dragon Center folder in versions before 2.6.2003.2401. A local authenticated attacker can overwrite system files and escalate privileges, with attack approaches including replacing th...
CVE-2019-13149
An issue was discovered in TRENDnet TEW-827DRU firmware before 2.05B11. There is a command injection in apply.cgi exploitable with authentication via the key passwd in Routing RIP Settings...
CVE-2019-13149
The TRENDnet TEW-827DRU router (firmware prior to 2.05B11) exposes a command-injection vulnerability in apply.cgi, exploitable with authentication via the key passwd in Routing RIP Settings. CVSS context from NVD/Red Hat CNVD notes base scores around 6.5–8.8 (network, low complexity, privileges r...
CVE-2017-13149
An information disclosure vulnerability in the Android media framework n/a. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID A-65719872...
CVE-2017-13149
CVE-2017-13149 is a confirmed information-disclosure vulnerability in the Android media framework affecting Google Pixel/Nexus devices. Affected components: Media framework; affected Android versions include 7.0, 7.1.1, 7.1.2, and 8.0. The issue is categorized as information disclosure with moder...