Photon OS 5.0: Rubygem PHSA-2026-5.0-0802

An update of the rubygem package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-5.0-0802. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2026-33176 vulnerabilities

Vulnerabilities for packages: kube-logging-operator, ruby3.2-rails, cinc-auditor, ruby3.4-rails, kube-fluentd-operator...

CVE-2026-33176

creationtimestamp| type| source ---|---|--- 2026-03-24 00:01:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhrbh4rklw2x...

CVE-2021-33176

VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in the application being terminated by...

CVE-2022-33176

Improper input validation in BIOS firmware for some IntelR NUC 11 Performance kits and IntelR NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-33176

NVIDIA RunAI for all platforms contains a vulnerability where a user could cause an improper restriction of communications channels on an adjacent network. A successful exploit of this vulnerability might lead to escalation of privileges, data tampering, and information disclosure...

CVE-2025-33176

creationtimestamp| type| source ---|---|--- 2025-11-04 21:11:21+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m4th3sgccd32 2025-11-04 22:01:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m4tjw7n54u2n...

Server side request forgery (ssrf)

BigBlueButton is an open-source virtual classroom. BigBlueButton prior to versions 2.6.12 and 2.7.0-rc.1 is vulnerable to Server-Side Request Forgery SSRF. This issue is a bypass of CVE-2023-33176. A patch in versions 2.6.12 and 2.7.0-rc.1 disabled follow redirect at httpclient.execute since the...

Blind SSRF When Uploading Presentation (mitigation bypass)

Description This is actually a bypass of CVE-2023-33176 when i able to perform SSRF to internal network. Proof of Concept As we already know, we can upload files via api /bigbluebutton/api/insertDocument using a remote url. PresentationUrlDownloadServicesavePresentation is the method to handle th...

CVE-2023-33176

creationtimestamp| type| source ---|---|--- 2023-06-27 00:11:07+00:00| seen| https://t.me/cibsecurity/65533 2023-10-31 01:20:33+00:00| seen| https://t.me/cibsecurity/73198...

CVE-2022-33176

creationtimestamp| type| source ---|---|--- 2022-11-13 05:45:16+00:00| seen| https://t.me/cibsecurity/52886...

CVE-2022-33176

Improper input validation in BIOS firmware for some IntelR NUC 11 Performance kits and IntelR NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2022-33176

CVE-2022-33176 affects BIOS firmware for some Intel NUC 11 Performance kits and NUC 11 Performance Mini PCs. The root cause is improper input validation in the BIOS firmware, which may allow a privileged user with local access to escalate privileges. Intel lists the fix as firmware version PATGL3...

CVE-2022-33176

Improper input validation in BIOS firmware for some IntelR NUC 11 Performance kits and IntelR NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2022-33176

Improper input validation in BIOS firmware for some IntelR NUC 11 Performance kits and IntelR NUC 11 Performance Mini PCs before version PATGL357.0042 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2021-33176

VerneMQ MQTT Broker versions prior to 1.12.0 are vulnerable to a denial of service attack as a result of excessive memory consumption due to the handling of untrusted inputs. These inputs cause the message broker to consume large amounts of memory, resulting in the application being terminated by...

CVE-2021-33176

The CVE-2021-33176 entry applies to VerneMQ MQTT Broker versions prior to 1.12.0, where a denial-of-service is caused by excessive memory consumption when handling untrusted inputs. Multiple connected sources (including Red Hat security advisory and OSV) corroborate the same description; no speci...