Python Library OpenEXR 3.4.x < 3.4.7 Heap Buffer Overflow (OOB Read)

The version of the OpenEXR Python package installed on the remote host is 3.4.x prior to 3.4.7. It is, therefore, affected by a heap buffer overflow vulnerability: - A heap-buffer-overflow out-of-bounds read occurs in the the HTJ2K decoder in OpenEXR when copying decompressed samples from OpenJPH...

CVE-2026-22731

Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under a specific path, already configured for a Health Group additional path. This issue affects Spring Boot: from 4.0 before...

EUVD-2015-8444

Malware in sbrugna...

EUVD-2022-0749

Malicious code in bioql PyPI...

EUVD-2022-3241

Malicious code in bioql PyPI...

EUVD-2022-3015

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-39922

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the C12.22 dissector in Wireshark 3.4.0 to 3.4.9 and 3.2.0 to 3.2.17 allows denial of service via packet injection or crafted capture file...

Linux Distros Unpatched Vulnerability : CVE-2017-15569

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/querieshelper.rb via a multi-value field with a crafted value tha...

Linux Distros Unpatched Vulnerability : CVE-2023-45199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution. CVE-2023-45199 Note that Nessus relies on the presence of...

PT-2024-11728 · Northern.Tech · Mender

Name of the Vulnerable Software and Affected Versions: Northern.tech Mender versions 3.3.x through 3.3.1 Northern.tech Mender versions 3.4.x through 3.4.0 Northern.tech Mender versions 3.5.x through 3.5.0 Northern.tech Mender versions 3.6.x through 3.6.0 Description: The issue is related to...

SUSE CVE-2012-1190

Cross-site scripting XSS vulnerability in the replication-setup functionality in js/replication.js in phpMyAdmin 3.4.x before 3.4.10.1 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted database name...

SUSE CVE-2015-2908

Mobile Devices aka MDI C4 OBD-II dongles with firmware 2.x and 3.4.x, as used in Metromile Pulse and other products, do not validate firmware updates, which allows remote attackers to execute arbitrary code by specifying an update server...

GHSA-G4RG-RW65-8HFG Symfony Session Fixation Vulnerability

An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an attacker to impersonate a victim towards the web...

GHSA-R2RQ-3H56-FQM4 Symfony DoS

An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafte...

Symfony DoS

An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafte...

GHSA-G4G7-Q726-V5HG Symfony CSRF Token Fixation

An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. By default, a user's session is invalidated when the user is logged out. This behavior can be disabled through the...

GHSA-79HG-357G-RRGV Centreon SQL Injection

Centreon 3.4.x fixed in Centreon 18.10.0 and Centreon web 2.8.28 allows SQL Injection via the main.php searchH parameter...

GHSA-7G3C-HRC6-5V4J Centreon XSS Vulnerability

Centreon 3.4.x fixed in Centreon 18.10.0 has XSS via the resource name or macro expression of a poller macro...

Centreon XSS Vulnerability

Centreon 3.4.x fixed in Centreon 18.10.0 has XSS via the resource name or macro expression of a poller macro...

GHSA-8VH5-J6XJ-5953 Centreon XSS Vulnerability

Centreon 3.4.x fixed in Centreon 18.10.0 allows XSS via the Service field to the main.php?p=20201 URI, as demonstrated by the "Monitoring Status Details Services" screen...