Siemens SIMATIC Devices Improper Input Validation (CVE-2024-26870)

NFSv4.2: fix nfs4listxattr kernel BUG at mm/usercopy.c:102. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid503505; scriptversion"1.2";...

EUVD-2021-1568

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-26870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cure53 DOMPurify before 2.0.17 allows mutation XSS. This occurs because a serialize-parse roundtrip does not necessarily return the original DOM tree, and a...

CVE-2025-26870

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows DOM-Based XSS.This issue affects JetEngine: from n/a through = 3.6.4.1...

CVE-2025-26870 WordPress JetEngine plugin <= 3.6.4.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Crocoblock JetEngine jet-engine allows DOM-Based XSS.This issue affects JetEngine: from n/a through = 3.6.4.1...

CVE-2025-26870

CVE-2025-26870 is a DOM-based Cross-Site Scripting vulnerability in JetEngine (NotFound) with the root cause described as improper neutralization of input during web page generation, enabling a DOM-based XSS condition. The vulnerability affects JetEngine versions up to 3.6.4.1 and is classified a...

WordPress JetEngine plugin <= 3.6.4.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin JetEngine versions = 3.6.4.1...

RHEL 9 : kernel (RHSA-2024:9546)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9546 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm/amdgpu: use-after-free...

Linux Distros Unpatched Vulnerability : CVE-2024-26870

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix nfs4listxattr kernel BUG at mm/usercopy.c:102 A call to listxattr with a buffer...

Moderate: Red Hat Security Advisory: kernel security update

An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RHEL 9 : kernel (RHSA-2024:9497)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:9497 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: net: fix possible store tearin...

RockyLinux 8 : kernel-rt (RLSA-2024:5102)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5102 advisory. kernel: efivarfs: force RO when remounting if SetVariable is not supported CVE-2023-52463 kernel: tracing: Restructure traceclockglobal to never block...

Important: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

RHEL 8 : kernel (RHSA-2024:5065)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5065 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: drm: Don't unref the same fb...

USN-6821-4: Linux kernel (Azure) vulnerabilities

It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...

BELL-CVE-2024-26870

Bulletin has no description...

CVE-2024-26870

A flaw was found in the Linux kernel. A system error can be reliably replicated with specific filesystem settings, allowing an attacker to cause a denial of service...

CVE-2024-26870

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix nfs4listxattr kernel BUG at mm/usercopy.c:102 A call to listxattr with a buffer size = 0 returns the actual size of the buffer needed for a subsequent call. When size 0, nfs4listxattr does not return an error because...

GHSA-3244-8MFF-W398 Reflected XSS in Gotify's /docs via import of outdated Swagger UI

Impact Gotify exposes an outdated instance of the Swagger UI API documentation frontend at /docs which is susceptible to reflected XSS attacks when loading external Swagger config files. Specifically, the DOMPurify version included with this version of Swagger UI is vulnerable to a rendering XSS...

Reflected XSS in Gotify's /docs via import of outdated Swagger UI

Impact Gotify exposes an outdated instance of the Swagger UI API documentation frontend at /docs which is susceptible to reflected XSS attacks when loading external Swagger config files. Specifically, the DOMPurify version included with this version of Swagger UI is vulnerable to a rendering XSS...