MAL-2026-1786 Malicious code in libxmljs9 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bf963cb34c40586e2ba2844d3ed3d480c0e296e6faf1c9530d62776ed081d59f The package libxmljs9 was found to contain malicious code...

MiracleLinux 9 : cloud-init-23.1.1-11.el9.ML.1 (AXSA:2023-7004:08)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7004:08 advisory. cloud-init: sensitive data could be exposed in logs CVE-2023-1786 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

MiracleLinux 8 : cloud-init-23.1.1-10.el8.ML.1 (AXSA:2023-7278:09)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7278:09 advisory. cloud-init: sensitive data could be exposed in logs CVE-2023-1786 Tenable has extracted the preceding description block directly from the MiracleLinux securi...

EUVD-2026-1786

The BetterDocs plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the scripts function. This makes it possible for authenticated attackers, with contributor-level access and above, to extract sensitive data including the OpenAI API...

CLSA-2025-1760025490 cloud-init: Fix of CVE-2023-1786

CVE-2023-1786: fix leak of sensitive user/vendor data and enforce 640 perms on cloud-init.log...

Linux Distros Unpatched Vulnerability : CVE-2016-1786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Page Loading implementation in WebKit in Apple iOS before 9.3 and Safari before 9.1 mishandles HTTP responses with a 3xx aka redirection status code, which...

Linux Distros Unpatched Vulnerability : CVE-2022-1786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A use-after-free flaw was found in the Linux kernel's iouring subsystem in the way a user sets up a ring with IORINGSETUPIOPOLL with more than one task completi...

CVE-2021-1786

A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. A local user may be able to create or modify system files...

Linux Distros Unpatched Vulnerability : CVE-2023-1786

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escala...

CVE-2025-1786 rizinorg rizin pdb.c msf_stream_directory_free buffer overflow

A vulnerability was found in rizinorg rizin up to 0.7.4. It has been rated as critical. This issue affects the function msfstreamdirectoryfree in the library /librz/bin/pdb/pdb.c. The manipulation of the argument -P leads to buffer overflow. Local access is required to approach this attack. The...

openSUSE Security Advisory (SUSE-SU-2024:0128-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 8 : httpd:2.4/mod_http2 (ELSA-2024-1786)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-1786 advisory. httpd modhttp2 1.15.7-8.5 - Resolves: RHEL-29816 - httpd:2.4/modhttp2: httpd: CONTINUATION frames DoS CVE-2024-27316 modmd Tenable has extracted the preceding...

AlmaLinux 8 : httpd:2.4/mod_http2 (ALSA-2024:1786)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:1786 advisory. httpd: modhttp2: CONTINUATION frames DoS CVE-2024-27316 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

CVE-2024-1786 D-Link DIR-600M C1 Telnet Service buffer overflow

UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, has been found in D-Link DIR-600M C1 3.08. Affected by this issue is some unknown functionality of the component Telnet Service. The manipulation of the argument username leads to buffer overflow. The attack may be...

CVE-2024-1786

The CVE-2024-1786 issue affects D-Link DIR-600M C1 with firmware 3.08, where the Telnet Service is vulnerable to a buffer overflow triggered by manipulating the username argument. The vulnerability is remote (attack vector: NETWORK) and described as high severity, with exploitation possible witho...

SUSE SLES15 / openSUSE 15 Security Update : cloud-init (SUSE-SU-2024:0128-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:0128-1 advisory. - Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find...

EulerOS Virtualization 3.0.6.0 : cloud-init (EulerOS-SA-2023-3422)

According to the versions of the cloud-init package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. Th...

EulerOS 2.0 SP10 : cloud-init (EulerOS-SA-2023-2781)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords...

EulerOS 2.0 SP11 : cloud-init (EulerOS-SA-2023-2855)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could...

EulerOS 2.0 SP10 : cloud-init (EulerOS-SA-2023-2805)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords...