CVE-2026-22731
Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under a specific path, already configured for a Health Group additional path. This issue affects Spring Boot: from 4.0 before...
Linux Distros Unpatched Vulnerability : CVE-2021-33622
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value. CVE-2021-33622 Note that Nessus relies...
EUVD-2022-3932
Malicious code in bioql PyPI...
EUVD-2022-2582
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-28836
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of t...
CVE-2010-2218
Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service via unspecified vectors, related to a "JS method issue."...
CVE-2024-49195
Mbed TLS 3.5.x through 3.6.x before 3.6.2 has a buffer underrun in pkwrite when writing an opaque key pair...
PT-2024-11728 · Northern.Tech · Mender
Name of the Vulnerable Software and Affected Versions: Northern.tech Mender versions 3.3.x through 3.3.1 Northern.tech Mender versions 3.4.x through 3.4.0 Northern.tech Mender versions 3.5.x through 3.5.0 Northern.tech Mender versions 3.6.x through 3.6.0 Description: The issue is related to...
CVE-2024-28836
An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiating the TLS version on the server side, it can fall back to the TLS 1.2 implementation of the protocol if it is disabled. If the TLS 1.2 implementation was disabled at build time, a TLS 1.2 client could put a TLS 1.3-only server...
CVE-2024-28836
CVE-2024-28836 affects Mbed TLS 3.5.x before 3.6.0. During server-side TLS version negotiation, the implementation can fall back to TLS 1.2 if TLS 1.2 is disabled. If TLS 1.2 was disabled at build time, a TLS 1.2 client could cause a denial of service by looping on a TLS 1.2 ClientHello for a TLS...
etcd < 3.4.26, 3.5.x < 3.5.9 Information Disclosure Vulnerability (GHSA-3p4g-rcw5-8298)
etcd is prone to an information disclosure vulnerability.
CVE-2022-48364
The undo_mark_statuses_as_sensitive method in app/services/approve_appeal_service.rb in Mastodon 3.5.x before 3.5.3 does not use the server's representative account, resulting in moderator identity disclosure when a moderator approves the appeal of a user whose status update was marked as sensitive...
Design/Logic Flaw
The undo_mark_statuses_as_sensitive method in app/services/approve_appeal_service.rb in Mastodon 3.5.x before 3.5.3 does not use the server's representative account, resulting in moderator identity disclosure when a moderator approves the appeal of a user whose status update was marked as sensitive...
Moodle 3.5.x < 3.5.18 Multiple Vulnerabilities
The version of Moodle installed on the remote host is 3.5.x prior to 3.5.18, 3.8.x prior to 3.8.9, 3.9.x prior to 3.9.7 or 3.10.x prior to 3.10.4. It is, therefore, affected by multiple vulnerabilities: - An authorization issue allowing teachers to export a CSV file containing forums from all...
SUSE CVE-2009-2953
Mozilla Firefox 3.0.6 through 3.0.13, and 3.5.x, allows remote attackers to cause a denial of service (CPU consumption) via JavaScript code with a long string value for the hash property (aka location.hash), a related issue to CVE-2008-5715...