24 matches found
TencentOS Server 4: libvncserver (TSSA-2026:0246)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0246 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
openSUSE 16 Security Update : LibVNCServer (openSUSE-SU-2026:20552-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20552-1 advisory. - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial of service bsc1260431. - CVE-2026-32854: crafte...
Medium: libvncserver
Issue Overview: LibVNCServer versions 0.9.15 and prior (fixed in commit 009008e) contain a heap out-of-bounds read vulnerability in the UltraZip encoding handler that allows a malicious VNC server to cause information disclosure or application crash. Attackers can exploit improper bounds checking i...
openSUSE Security Advisory (SUSE-SU-2026:1173-1)
The remote host is missing an update for the...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : LibVNCServer (SUSE-SU-2026:1173-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1173-1 advisory. - CVE-2026-32853: crafted FramebufferUpdate message can lead to information disclosure or denial...
Dell PowerScale OneFS 8.2.2 <= 9.5.0.8 / 9.6.0.0 <= 9.7.0.2 Escalation of Privileges (DSA-2024-255)
The Dell PowerScale OneFS on the remote device is missing a security patch and is, therefore, affected by an escalation of privileges vulnerability: - Dell PowerScale OneFS versions 8.2.2.x through 9.7.0.2 contain an execution with unnecessary privileges vulnerability. A local low privileged attacke...
CVE-2023-32853
In rpmb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648764; Issue ID: ALPS07648764...
CVE-2022-32853
An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted AppleScript binary may result in unexpected termination or disclosure of process memory...
CVE-2021-32853
Erxes, an experience operating system (XOS) with a set of plugins, is vulnerable to cross-site scripting in versions 0.22.3 and prior. This results in client-side code execution. The victim must follow a malicious link or be redirected there from a malicious web site. There are no known patches...
CVE-2025-32853
A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected application is vulnerable to SQL injection through the internally used 'UnlockDatabaseSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...
CVE-2025-32853
TeleControl Server Basic (versions before 3.1.2.2) is vulnerable to SQL injection via the internal UnlockDatabaseSettings method. An authenticated remote attacker who can access port 8000 can bypass authorization, read/write the application database, and execute code with NT AUTHORITY\NetworkServ...
CVE-2023-32853
creationtimestamp | type | source
---|---|---
2023-12-22 11:22:07+00:00 | seen | https://t.me/ctinow/158311...
CVE-2023-32853
CVE-2023-32853 describes a possible out-of-bounds write in the rpmb module that could enable local privilege escalation with System-level privileges; no user interaction is required for exploitation. The description states a missing bounds check as the root cause. Patch ID: ALPS07648764; Issue ID...
CVE-2021-32853
creationtimestamp | type | source
---|---|---
2023-02-21 03:15:45+00:00 | seen | https://t.me/cibsecurity/58553...
CVE-2021-32853
Erxes XOS is affected by a cross-site scripting vulnerability tracked as CVE-2021-32853. Publicly disclosed for versions 0.22.3 and earlier, it enables client-side code execution when a victim follows a malicious link or is redirected from a malicious site. The core issue is improper escaping of ...
CVE-2021-32853 Erxes vulnerable to Cross-site Scripting
Erxes, an experience operating system (XOS) with a set of plugins, is vulnerable to cross-site scripting in versions 0.22.3 and prior. This results in client-side code execution. The victim must follow a malicious link or be redirected there from a malicious web site. There are no known patches...
CVE-2022-32853
creationtimestamp | type | source
---|---|---
2022-09-23 22:27:07+00:00 | seen | https://t.me/cibsecurity/50413...