37 matches found
CVE-2019-25607
Axessh 4.2 contains a stack-based buffer overflow vulnerability in the log file name field that allows local attackers to execute arbitrary code by supplying an excessively long filename. Attackers can overflow the buffer at offset 214 bytes to overwrite the instruction pointer and execute...
CVE-2026-3483
creationtimestamp | type | source
---|---|---
2026-03-10 19:08:12+00:00 | seen | https://cyber.gc.ca/en/alerts-advisories/ivanti-security-advisory-av26-214
2026-03-11 03:00:11+00:00 | seen | https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-DSM-CVE-2026-3483?language=enUS
2026-03-12...
MAL-2025-192127 Malicious code in elf-stats-shimmering-icicle-214 (npm)
Source: amazon-inspector (96ca3abcea281dea2598c978d9fc07b1657c51e80915341681ba6b8f7b9624d0). The package elf-stats-shimmering-icicle-214 was found to contain malicious code...
Malicious code in elf-stats-sleighing-hammer-214 (npm)
Source: amazon-inspector (4449be6df6e0ff670b9d07b349d782058068c40a3bb3b6dfd782e90aac10a58c). The package elf-stats-sleighing-hammer-214 was found to contain malicious code...
EUVD-2025-200816
Malicious code in elf-stats-sleighing-hammer-214 npm...
MAL-2025-192136 Malicious code in elf-stats-sleighing-hammer-214 (npm)
Source: amazon-inspector (4449be6df6e0ff670b9d07b349d782058068c40a3bb3b6dfd782e90aac10a58c). The package elf-stats-sleighing-hammer-214 was found to contain malicious code...
Malicious code in elf-stats-shimmering-icicle-214 (npm)
Source: amazon-inspector (96ca3abcea281dea2598c978d9fc07b1657c51e80915341681ba6b8f7b9624d0). The package elf-stats-shimmering-icicle-214 was found to contain malicious code...
CVE-2022-29550
An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes "ps auxwwe" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials from environment variables to disk in cleartext. NOTE: there are no common circumstances in which...
GHSA-HPXR-W9W7-G4GV stereoscope vulnerable to tar path traversal when processing OCI tar archives
Impact: It is possible to craft an OCI tar archive that, when stereoscope attempts to unarchive the contents, will result in writing to paths outside of the unarchive temporary directory. Specifically, use of github.com/anchore/stereoscope/pkg/file.UntarToDirectory function, the...
CVE-2023-4154 Samba: AD DC password exposure to privileged users and RODCs
A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive...
Amazon Linux 2023 : yajl, yajl-devel (ALAS2023-2023-214)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-214 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. (C) Tenable, Inc. The descriptive text and package checks ...
Amazon Linux 2022 : nodejs (ALAS2022-2022-214)
The version of nodejs installed on the remote host is prior to 18.4.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-214 advisory. - The parser in accepts requests with a space (SP) right after the header name before the colon. This can lead to HTTP...
Code injection
DISPUTED: An issue was discovered in Qualys Cloud Agent 4.8.0-49. It writes "ps auxwwe" output to the /var/log/qualys/qualys-cloud-agent-scan.log file. This may, for example, unexpectedly write credentials from environment variables to disk in cleartext. NOTE: there are no common circumstances in...
CVE-2022-29550
CVE-2022-29550 affects Qualys Cloud Agent 4.8.0-49 and concerns logging of ps auxwwe output to /var/log/qualys/qualys-cloud-agent-scan.log. The issue could expose credentials from environment variables in the log if verbose tracing is enabled; the vendor notes the ps data collection is intentiona...
Rickroll Grad Prank Exposes Exterity IPTV Bug
UPDATE When Township High School District 214 in Illinois got rickrolled all at once across its six different schools just before graduation, it was more than a meticulously executed senior prank. Cybersecurity star-in-the-making and recent high-school graduate Minh Duong found, and was able to...
CVE-2017-8904
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214...
Cross site request forgery (csrf)
Xen through 4.8.x mishandles the "contains segment descriptors" property during GNTTABOP_transfer (aka guest transfer) operations, which might allow PV guest OS users to execute arbitrary code on the host OS, aka XSA-214...