AlmaLinux 9 : protobuf (ALSA-2026:3095)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3095 advisory. python: protobuf: Protobuf: Denial of Service due to recursion depth bypass CVE-2026-0994 Tenable has extracted the preceding description block directly from the...

Amazon Linux 2 : unbound, --advisory ALAS2-2025-3095 (ALAS-2025-3095)

The version of unbound installed on the remote host is prior to 1.7.3-15. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3095 advisory. NLnet Labs Unbound up to and including version 1.24.0 is vulnerable to possible domain hijack attacks. Promiscuous NS RRSets that...

CVE-2023-3095

Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9...

CVE-2010-3095

mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temporary files. NOTE: this issue exists because of an incomplete fix for CVE-2008-5313...

CVE-2022-3095

The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '' characters in URIs, which can lead to auth bypass in webapp...

Adobe Digital Editions < 4.5.5 Multiple Vulnerabilities (APSB17-20) (macOS)

The version of Adobe Digital Editions installed on the remote macOS host is prior to 4.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB17-20 advisory. - Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The...

Adobe Digital Editions < 4.5.5 Multiple Vulnerabilities (APSB17-20)

The version of Adobe Digital Editions installed on the remote Windows host is prior to 4.5.5. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB17-20 advisory. - Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The...

SUSE: Security Advisory (SUSE-SU-2024:3095-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

a-data-processing (=0.0.1), ab-data-processing (=0.0.1) +516 more potentially affected by CVE-2024-3095 via langchain-community (>=0.0.1 <=0.2.7)

langchain-community PYPI version =0.0.1, =0.1.0, =0.0.2, =0.0.1, =0.1.0, =0.0.1, =0.0.18, =0.2.0, =0.0.1, =0.0.2, =0.0.1, =0.0.4a1 - aicat-annotator =0.0.1 and more Source cves: CVE-2024-3095 Source advisory: OSV:GHSA-Q25C-C977-4CMH...

CVE-2024-3095

A Server-Side Request Forgery SSRF vulnerability exists in the Web Research Retriever component of langchain-ai/langchain version 0.1.5. The vulnerability arises because the Web Research Retriever does not restrict requests to remote internet addresses, allowing it to reach local addresses. This...

Oracle Linux 8 : vorbis-tools (ELSA-2024-3095)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2024-3095 advisory. 1:1.4.0-29 - fix out-of-bounds read in oggenc CVE-2023-43361 Tenable has extracted the preceding description block directly from the Oracle Linux security...

Moderate: Red Hat Security Advisory: vorbis-tools security update

An update for vorbis-tools is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

RHEL 5 : httpd and httpd22 (RHSA-2010:0011)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2010:0011 advisory. - httpd: NULL pointer defer in modproxyftp caused by crafted EPSV and PASV reply CVE-2009-3094 - httpd: modproxyftp FTP command injection vi...

CVE-2023-3095

creationtimestamp| type| source ---|---|--- 2023-06-04 14:27:39+00:00| seen| https://t.me/cibsecurity/64966 2025-01-08 20:14:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/816...

CVE-2023-3095

CVE-2023-3095 describes an improper access control vulnerability in the open-source TeamPass project (nilsteampassnet/teampass) prior to version 3.0.9. The connected advisories and records consistently note an access-control failure that could permit unauthorized access to items via ID or similar...

CVE-2023-3095 Improper Access Control in nilsteampassnet/teampass

Improper Access Control in GitHub repository nilsteampassnet/teampass prior to 3.0.9...

Oracle Linux 8 : libreswan (ELSA-2023-3095)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-3095 advisory. 4.9-2.0.1.2 - Add libreswan-oracle.patch to detect Oracle Linux distro 4.9-2.2 - Update libreswan-4.9-2176248-authby-rsasig.patch 4.9-2.1 - Resolves: rhbz218764...

Debian: Security Advisory (DSA-1934-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-3095

creationtimestamp| type| source ---|---|--- 2022-10-27 20:33:33+00:00| seen| https://t.me/cibsecurity/52166...

CVE-2022-3095

The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '' characters in URIs, which can lead to auth bypass in webapp...