MINI-F633-2952-WX4J

Bulletin has no description...

CVE-2026-2952

creationtimestamp| type| source ---|---|--- 2026-02-26 10:00:14+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfqwrxe5ft22...

CVE-2026-2952

A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/treeserver.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possible to be carried out remotely. The exploit has...

RHEL 10 : freerdp (RHSA-2026:2952)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2952 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol RDP, released under the Apache license. The xfreerdp client can connect to...

MiracleLinux 7 : java-1.7.0-openjdk-1.7.0.191-2.6.15.4.0.1.el7.AXS7 (AXSA:2018-3274:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3274:03 advisory. OpenJDK: insufficient index validation in PatternSyntaxException getMessage Concurrency, 8199547 CVE-2018-2952 Tenable has extracted the preceding descriptio...

MiracleLinux 4 : java-1.8.0-openjdk-1.8.0.181-3.b13.AXS4 (AXSA:2018-3264:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3264:03 advisory. OpenJDK: insufficient index validation in PatternSyntaxException getMessage Concurrency, 8199547 CVE-2018-2952 Tenable has extracted the preceding descriptio...

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.191-2.6.15.4.AXS4 (AXSA:2018-3267:05)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3267:05 advisory. OpenJDK: insufficient index validation in PatternSyntaxException getMessage Concurrency, 8199547 CVE-2018-2952 Tenable has extracted the preceding descriptio...

CVE-2024-2952

BerriAI/litellm is vulnerable to Server-Side Template Injection SSTI via the /completions endpoint. The vulnerability arises from the hfchattemplate method processing the chattemplate parameter from the tokenizerconfig.json file through the Jinja template engine without proper sanitization...

EUVD-2015-3037

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2023-2952

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - XRA dissector infinite loop in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via packet injection or crafted capture file CVE-2023-2952...

CVE-2018-2952 vulnerabilities

Vulnerabilities for packages: openjdk-11-openj9, openjdk-25-openj9, openjdk-26-openj9, corretto, openjdk-8-openj9, openjdk-21-openj9, openjdk-17-openj9...

Amazon Linux 2 : ImageMagick (ALAS-2025-2952)

The version of ImageMagick installed on the remote host is prior to 6.9.10.97-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2952 advisory. ImageMagick is free and open-source software used for editing and manipulating digital images. Versions prior to...

Wireshark 3.6.x < 3.6.14, 4.0.x < 4.0.6 Multiple Vulnerabilities (Jul 2025) - Windows

Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...

Wireshark 3.6.x < 3.6.14, 4.0.x < 4.0.6 Multiple Vulnerabilities (Jul 2025) - Mac OS X

Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...

TencentOS Server 3: wireshark (TSSA-2023:0280)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0280 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0075: wireshark (ALINUX3-SA-2024:0075)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0075 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-0666: Due to failure in validatin...

RockyLinux 8 : resource-agents (RLSA-2024:2952)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2952 advisory. urllib3: Request body not stripped after redirect from 303 status changes request method to GET CVE-2023-45803 pycryptodome: side-channel leakage for OAE...

CVE-2025-2952

creationtimestamp| type| source ---|---|--- 2025-03-30 15:29:39+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9549 2025-03-30 18:55:46+00:00| seen| https://t.me/cvedetector/21515...

CVE-2025-2952

CVE-2025-2952 : Bluestar Micro Mall 1.0 contains a vulnerability in the API endpoint /api/api.php?mod=upload&type=1 where manipulating the File parameter leads to unrestricted file upload. The issue is exploitable remotely and the exploit has been disclosed publicly, enabling potential remote com...

CVE-2024-2952

creationtimestamp| type| source ---|---|--- 2024-04-12 08:26:51+00:00| seen| https://t.me/arpsyndicate/4564...