Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2026-1350)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 9 : curl (ALSA-2026:1350)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:1350 advisory. curl: libcurl: Curl out of bounds read for cookie path CVE-2025-9086 Tenable has extracted the preceding description block directly from the AlmaLinux security...

MiracleLinux 7 : firefox-52.0-5.0.1.el7.AXS7 (AXSA:2017-1350:02)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-1350:02 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this release:...

EUVD-2026-1350

The User Activity Log plugin is vulnerable to a limited options update in versions up to, and including, 2.2. The failed-login handler 'ualshookwploginfailed' lacks a capability check and writes failed usernames directly into updateoption calls. This makes it possible for unauthenticated attacker...

EUVD-2014-3809

Malware in sbrugna...

EUVD-2022-42264

Malicious code in bioql PyPI...

EUVD-2022-42266

Malicious code in bioql PyPI...

EUVD-2022-42259

Malicious code in bioql PyPI...

EUVD-2022-42262

Malicious code in bioql PyPI...

CVE-2024-1350

Missing Authorization vulnerability in Prasidhda Malla Honeypot for WP Comment.This issue affects Honeypot for WP Comment: from n/a through 2.2.3...

CVE-2022-39815

In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This vulnerability allow unauthenticated users to execute commands on the operating system...

CVE-2022-39814

In NOKIA 1350 OMS R14.2, an Open Redirect vulnerability occurs is the login page via next HTTP GET parameter...

CVE-2022-39821

In NOKIA 1350 OMS R14.2, an Insertion of Sensitive Information into an Application Log File vulnerability occurs. The web application stores critical information, such as cleartext user credentials, in world-readable files in the filesystem...

CVE-2022-39816

In NOKIA 1350 OMS R14.2, Insufficiently Protected Credentials cleartext administrator password occur in the edit configuration page. Exploitation requires an authenticated attacker...

CVE-2022-39817

In NOKIA 1350 OMS R14.2, multiple SQL Injection vulnerabilities occurs. Exploitation requires an authenticated attacker. Through the injection of arbitrary SQL statements, a potential authenticated attacker can modify query syntax and perform unauthorized and unexpected operations against the...

CVE-2022-39819

In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occurs. This allows authenticated users to execute commands on the operating system...

Important: git

Issue Overview: A flaw was found in the git fast-import command where it provides the export-marks feature that may unexpectedly overwrite arbitrary paths. An attacker can abuse this flaw if they can control the input passed to the fast-import command by using the export-marks feature and overwri...

Oracle Linux 9 : libxml2 (ELSA-2025-1350)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1350 advisory. 2.9.13-6.1 - Fix CVE-2022-49043 RHEL-76298 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that...

RHEL 9 : libxml2 (RHSA-2025:1350)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:1350 advisory. The libxml2 library is a development toolbox providing the implementation of various XML standards. Security Fixes: libxml: use-after-free in...

CentOS 6 : chromium-browser (RHSA-2020:1350)

The remote CentOS Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:1350 advisory. - Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTM...