Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2026-1518)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +215 more potentially affected by CVE-2026-1518 via org.keycloak:keycloak-services (>=10.0.0 <=9.0.3)

org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =0.1, =0.1, =1.0.1, =0.1, =1.0.1, =0.1, =1.2.0, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...

CVE-2026-1518

A flaw was found in Keycloak’s CIBA feature where insufficient validation of client-configured backchannel notification endpoints could allow blind server-side requests to internal services. Mitigation To mitigate this issue, restrict administrative access to Keycloak instances. Ensure that only...

RockyLinux 8 : grafana-pcp (RLSA-2026:1518)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1518 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 Tenable has extracted the preceding descriptio...

Oracle Linux 8 : grafana-pcp (ELSA-2026-1518)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2026-1518 advisory. 5.1.1-11 - Resolves RHEL-140538: CVE-2025-61729 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note tha...

AlmaLinux 8 : grafana-pcp (ALSA-2026:1518)

The remote AlmaLinux 8 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2026:1518 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 Tenable has extracted the preceding description...

MiracleLinux 8 : xterm-331-1.el8.2 (AXSA:2021-1518:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1518:01 advisory. xterm: crash when processing combining characters CVE-2021-27135 Tenable has extracted the preceding description block directly from the MiracleLinux securit...

MiracleLinux 3 : firefox-24.5.0-1.0.1.AXS3 (AXSA:2014-327:02)

The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-327:02 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.61.1.11.11.AXS4 (AXSA:2013-428:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-428:03 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2013-0401 The Java Runtime Environment JRE component in Oracle Java SE ...

MiracleLinux 4 : firefox-24.5.0-1.0.1.AXS4 (AXSA:2014-296:03)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-296:03 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...

CVE-2001-1518

RunAs runas.exe in Windows 2000 only creates one session instance at a time, which allows local users to cause a denial of service RunAs hang by creating a named pipe session with the authentication server without any request for service. NOTE: the vendor disputes this vulnerability, however the...

CVE-2010-1518

Array index error in the SetDLInfo method in the GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via the item argument...

CVE-2009-1518

Cross-site request forgery CSRF vulnerability in Beltane before 2.3.11 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

RHEL 8 : Red Hat OpenStack Platform 16.2.6 (python-twisted) (RHSA-2024:1518)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1518 advisory. Twisted is a networking engine written in Python, supporting numerous protocols. It contains a web server, numerous chat clients, chat servers, mail...

CP Plus KVMS Pro

1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION: Low attack complexity Vendor: CP Plus Equipment: KVMS Pro Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to retrieve sensitive credentials and control the...

CVE-2023-1518

CP Plus KVMS Pro versions 2.01.0.T.190521 and prior are vulnerable to sensitive credentials being leaked because they are insufficiently protected...

CVE-2023-1518

CP Plus KVMS Pro versions 2.01.0.T.190521 and prior are vulnerable to sensitive credentials being leaked because they are insufficiently protected...

CVE-2023-1518

CVE-2023-1518 affects CP Plus KVMS Pro, specifically versions 2.01.0.T.190521 and earlier. The vulnerability is described as insufficiently protected credentials, leading to leakage of sensitive credentials and potential control over the CCTV system. According to the ICS advisory, exploitation is...

SUSE CVE-2011-1518

Multiple cross-site scripting XSS vulnerabilities in Open Ticket Request System OTRS 2.4.x before 2.4.10 and 3.x before 3.0.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...

Security Bulletin: IBM Operational Decision Manager and WebSphere ILOG JRules: Multiple security vulnerabilities in IBM JRE

Abstract This Security Bulletin addresses the security vulnerabilities that have shipped with the IBM Java Runtime Environment JRE included in IBM Operational Decision Manager and IBM ILOG JRules. IBM ODM and ILOG JRules now include the most recent version of the IBM JRE which fixes the security...