32 matches found

Tenable Nessus
added 2026/04/29 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-35242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploi...

7.5 CVSS, 7.4 AI score, 0.00028 EPSS
Exploits 0, References 2
UbuntuCve
added 2026/04/21 9:16 p.m., 3 views

CVE-2026-35242

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is 7.2.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle...

7.5 CVSS, 7.2 AI score, 0.00028 EPSS
Exploits 0, References 1
Vulnrichment
added 2026/04/21 8:35 p.m., 0 views

CVE-2026-35242

...

7.5 CVSS, 7.2 AI score, 0.00028 EPSS
Exploits 0, References 1
Cvelist
added 2026/04/21 8:35 p.m., 32 views

CVE-2026-35242

...

7.5 CVSS, 0.00028 EPSS
Exploits 0, References 1
CVE
added 2026/04/21 8:35 p.m., 6 views

CVE-2026-35242

CVE-2026-35242 affects Oracle VM VirtualBox (Core) with affected version 7.2.6. The vulnerability is exploitable by a high-privilege attacker with local logon to the host running Oracle VM VirtualBox, potentially leading to takeover of Oracle VM VirtualBox. CVSS 3.1 base score 7.5 (High) with loc...

7.5 CVSS, 5.7 AI score, 0.00028 EPSS
Exploits 0, References 1, Affected Software 1
Kaspersky
added 2026/04/21 12:0 a.m., 5 views

KLA90996 Multiple vulnerabilities in Oracle VirtualBox

Multiple vulnerabilities were found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, cause denial of service. Below is a complete list of vulnerabilities: 1. Information disclosure vulnerability in Core can be...

7.5 CVSS, 7.2 AI score, 0.00052 EPSS
Exploits 1, References 3
OSV
added 2025/08/14 6:52 p.m., 1 views

MAL-2025-35242 Malicious code in test-mlw2-duchy-finch-lagan-motey (npm)

The package test-mlw2-duchy-finch-lagan-motey was found to contain malicious code...

7.2 AI score
Exploits 0
Ubuntu
added 2025/06/30 4:29 a.m., 6 views

USN-7603-1: Composer vulnerabilities

Thomas Chauchefoin discovered that Composer did not correctly handle certain arguments. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-24828, CVE-2023-43655 Ed Cradoc...

8.8 CVSS, 7.5 AI score, 0.23787 EPSS
Exploits 0
Tenable Nessus
added 2024/09/27 12:0 a.m., 11 views

SolarWinds Serv-U 15.2.4 < 15.2.5 Multiple Vulnerabilities

The version of SolarWinds Serv-U installed on the remote host is prior to 15.2.5. It is, therefore, affected by multiple vulnerabilities as referenced in the serv-u1525 advisory. - Serv-U server responds with valid CSRFToken when the request contains only Session. CVE-2021-35242 - When a user has...

8.8 CVSS, 7.1 AI score, 0.01208 EPSS
Exploits 0, References 4
Tenable Nessus
added 2024/07/22 12:0 a.m., 17 views

Amazon Linux 2023 : composer (ALAS2023-2024-659)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-659 advisory. Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the composer install command running inside a git/hg repository which has specially crafted branch names c...

8.8 CVSS, 7.8 AI score, 0.23787 EPSS
Exploits 0, References 4
OpenVAS
added 2024/07/01 12:0 a.m., 14 views

Debian: Security Advisory (DSA-5715-1)

The remote host is missing an update for the Debian...

8.8 CVSS, 8.8 AI score, 0.23787 EPSS
Exploits 0, References 2
OpenVAS
added 2024/06/29 12:0 a.m., 16 views

openSUSE Security Advisory (SUSE-SU-2024:2107-1)

The remote host is missing an update for the...

8.8 CVSS, 8.8 AI score, 0.23787 EPSS
Exploits 0, References 5
Tenable Nessus
added 2024/06/21 12:0 a.m., 23 views

SUSE SLES15 / openSUSE 15 Security Update : php-composer2 (SUSE-SU-2024:2106-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2106-1 advisory. - CVE-2024-35241: Fixed code execution when installing packages in repository with specially crafted branch names...

8.8 CVSS, 8.5 AI score, 0.23787 EPSS
Exploits 0, References 7
OSV
added 2024/06/20 2:19 p.m., 14 views

SUSE-SU-2024:2106-1 Security update for php-composer2

This update for php-composer2 fixes the following issues: - CVE-2024-35241: Fixed code execution when installing packages in repository with specially crafted branch names bsc1226181. - CVE-2024-35242: Fixed command injection via specially crafted branch names during repository cloning bsc1226182...

8.8 CVSS, 9.1 AI score, 0.23787 EPSS
Exploits 0, References 5
OpenVAS
added 2024/06/20 12:0 a.m., 18 views

Fedora: Security Advisory (FEDORA-2024-9ed24c98cd)

The remote host is missing an update for the...

8.8 CVSS, 8.8 AI score, 0.23787 EPSS
Exploits 0, References 6
Tenable Nessus
added 2024/06/19 12:0 a.m., 22 views

Fedora 40 : composer (2024-9ed24c98cd)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9ed24c98cd advisory. Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name GHSA-47f6-5gq3-vx9c / CVE-2024-35241 Security: Fixed multip...

8.8 CVSS, 8 AI score, 0.23787 EPSS
Exploits 0, References 3
Debian
added 2024/06/18 9:50 p.m., 13 views

[SECURITY] [DSA 5715-1] composer security update

Debian Security Advisory DSA-5715-1 https://www.debian.org/security/ Moritz Muehlenhoff June 18, 2024 https://www.debian.org/security/faq ...

8.8 CVSS, 7.4 AI score, 0.23787 EPSS
Exploits 0
Wolfi
added 2024/06/10 10:15 p.m., 138 views

CVE-2024-35242 vulnerabilities

Vulnerabilities for packages: composer...

8.8 CVSS, 7.2 AI score, 0.23787 EPSS
Exploits 0
NVD
added 2024/06/10 10:15 p.m., 24 views

CVE-2024-35242

Composer is a dependency manager for PHP. On the 2.x branch prior to versions 2.2.24 and 2.7.7, the composer install command running inside a git/hg repository which has specially crafted branch names can lead to command injection. This requires cloning untrusted repositories. Patches are availab...

8.8 CVSS, 0.23787 EPSS
Exploits 0, References 5
Chainguard
added 2024/06/10 10:15 p.m., 6 views

CVE-2024-35242 vulnerabilities

Vulnerabilities for packages: composer...

8.8 CVSS, 6.8 AI score, 0.23787 EPSS
Exploits 0