114 matches found
CVE-2026-39936
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - Score Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43,...
CVE-2026-39936 Stored XSS in Score due to usage of non-reserved data attributes
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in The Wikimedia Foundation Mediawiki - Score Extension allows Cross-Site Scripting XSS. The issue has been remediated on the master branch, and in the release branches for MediaWiki versions 1.43,...
Ubuntu: Security Advisory (USN-8076-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-8076-1 qtbase-opensource-src vulnerabilities
It was discovered that Qt did not correctly handle OpenSSL's error queue. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 20.04 LTS. CVE-2020-13962 It was discovered that Qt incorrectly handled certain XBM image files. If a user or...
MiracleLinux 9 : qt5-qtbase-5.15.9-10.el9_4 (AXSA:2024-8586:04)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8586:04 advisory. qtbase: qtbase: Delay any communication until encrypted can be responded to CVE-2024-39936 Tenable has extracted the preceding description block directly fro...
BELL-CVE-2025-39936
Bulletin has no description...
CVE-2025-39936
In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Always pass in an error pointer to sevplatformshutdownlocked When 9770b428b1a2 "crypto: ccp - Move devinfo/err messages for SEV/SNP init and shutdown" moved the error messages dumping so that they don't need to be...
Linux Distros Unpatched Vulnerability : CVE-2021-39936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper access control in GitLab CE/EE affecting all versions starting from 10.7 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions...
Linux Distros Unpatched Vulnerability : CVE-2024-39936
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make...
MAL-2025-39936 Malicious code in xray-eq1-project (npm)
The package xray-eq1-project was found to contain malicious code...
TencentOS Server 2: qt5-qtbase (TSSA-2024:0378)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0378 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
TencentOS Server 3: qt5-qtbase (TSSA-2024:0298)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0298 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
NewStart CGSL MAIN 7.02 : qt5-qtbase Vulnerability (NS-SA-2025-0077)
The remote NewStart CGSL host, running version MAIN 7.02, has qt5-qtbase packages installed that are affected by a vulnerability: - An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code to make...
Alibaba Cloud Linux 3 : 0157: qt5-qtbase (ALINUX3-SA-2024:0157)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0157 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-39936: An issue was discovered in HTTP2 in...
openSUSE Security Advisory (SUSE-SU-2024:2883-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:2875-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:2882-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2024:2873-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Azure Linux 3.0 Security Update: qt5-qtbase / qtbase (CVE-2024-39936)
The version of qt5-qtbase / qtbase installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39936 advisory. - An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x...
Advisory ROSA-SA-2025-2601
software: qt5-qtbase 5.15.10 OS: ROSA-CHROME packageevrstring: qt5-qtbase-5.15.10-3 CVE-ID: CVE-2024-39936 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: Vulnerability in HTTP2 in Qt: security decision may be executed too early due to encrypted signal. CVE-STATUS: The vulnerability has been resolved...