124 matches found
ECHO-9B94-4C06-2947
Bulletin has no description...
CVE-2026-2947 rymcu forest User Profile UserInfoController.java updateUserInfo cross site scripting
A vulnerability was detected in rymcu forest up to 0.0.5. This affects the function updateUserInfo of the file src/main/java/com/rymcu/forest/web/api/user/UserInfoController.java of the component User Profile Handler. The manipulation results in cross site scripting. The attack can be executed...
[SECURITY] Fedora 42 Update: gpsd-3.25-17.fc42
gpsd is a service daemon that mediates access to a GPS sensor connected to the host computer by serial or USB interface, making its data on the location/course/velocity of the sensor available to be queried on TCP port 2947 of the host computer. With gpsd, multiple GPS client applications such as...
[SECURITY] Fedora 43 Update: gpsd-3.26.1-6.fc43
gpsd is a service daemon that mediates access to a GPS sensor connected to the host computer by serial or USB interface, making its data on the location/course/velocity of the sensor available to be queried on TCP port 2947 of the host computer. With gpsd, multiple GPS client applications such as...
Linux Distros Unpatched Vulnerability : CVE-2018-17937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to...
TencentOS Server 3: cockpit (TSSA-2024:0238)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0238 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
TencentOS Server 4: cockpit (TSSA-2025:0181)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0181 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
CVE-2009-2947
Cross-site scripting (XSS) vulnerability in Xapian Omega before 1.0.16 allows remote attackers to inject arbitrary web script or HTML via unspecified CGI parameter values, which are sometimes included in exception messages...
CVE-2025-2947
creationtimestamp | type | source
---|---|---
2025-04-17 20:30:15+00:00 | seen | https://t.me/cvedetector/23245
2025-04-18 02:58:02+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/12380
...
CVE-2025-2947
IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. A malicious actor can use the command to elevate privileges to gain root access to the host operating system...
CVE-2025-2947
IBM i 7.6 contains a privilege escalation vulnerability due to incorrect profile swapping in an OS command. A malicious actor can use the command to elevate privileges to gain root access to the host operating system...
CVE-2025-2947
CVE-2025-2947 affects IBM i 7.6 and describes a privilege-escalation vulnerability caused by incorrect profile swapping in an OS command, enabling a malicious actor to gain root access. The issue is confirmed across multiple feeds (NVD, Red Hat, CVE listing) with a CVSSv3 base score of 7.2 (netwo...
cockpit security update
An update is available for cockpit. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Cockpit enables users to administer GNU/Linux servers using a web browser. It...
RLSA-2024:3667 Moderate: cockpit security update
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: command injection when deleting a sosreport with a crafted...
AlmaLinux 9 : cockpit (ALSA-2024:3843)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3843 advisory. cockpit: command injection when deleting a sosreport with a crafted name (CVE-2024-2947). Tenable has extracted the preceding description block directly from the...
Oracle Linux 9 : cockpit (ELSA-2024-3843)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3843 advisory. 311.2-1.0.1 - Replaced upstream urls in documentation with oracle links Orabug: 36528753 - Drop subscription-manager-cockpit requirement for ol Orabug: 34681110...
Moderate: Red Hat Security Advisory: cockpit security update
An update for cockpit is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
ALSA-2024:3843 Moderate: cockpit security update
Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: command injection when deleting a sosreport with a crafted...
Moderate: Red Hat Security Advisory: cockpit security update
An update for cockpit is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
AlmaLinux 8 : cockpit (ALSA-2024:3667)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:3667 advisory. cockpit: command injection when deleting a sosreport with a crafted name (CVE-2024-2947). Tenable has extracted the preceding description block directly from the...