CVE-2026-22731

Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endpoint that requires authentication is declared under a specific path, already configured for a Health Group additional path. This issue affects Spring Boot: from 4.0 before...

EUVD-2020-28170

Malware in sbrugna...

EUVD-2016-10648

Malware in sbrugna...

EUVD-2022-0749

Malicious code in bioql PyPI...

EUVD-2022-3015

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2016-9859

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. With a crafted request parameter value it is possible to initiate a denial of service attack in import feature. All 4.6.x...

Linux Distros Unpatched Vulnerability : CVE-2016-4412

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in phpMyAdmin. A user can be tricked into following a link leading to phpMyAdmin, which after authentication redirects to another...

Linux Distros Unpatched Vulnerability : CVE-2014-4986

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in js/functions.js in phpMyAdmin 4.0.x before 4.0.10.1, 4.1.x before 4.1.14.2, and 4.2.x before 4.2.6 allow...

Wireshark SEoL (4.0.x)

According to its version, Wireshark is 4.0.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C Tenable,...

VulnCheck KEV: CVE-2016-5734

phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 does not properly choose delimiters to prevent use of the pregreplace e aka eval modifier, which might allow remote attackers to execute arbitrary PHP code via a crafted string, as demonstrated by the table...

CVE-2024-0208

GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file...

Moodle 3.11.x < 3.11.9, 4.0.x < 4.0.3 CSRF Vulnerability

Moodle is prone to a cross-site request forgery CSRF vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:moodle:moodle...

PT-2023-6128 · Wireshark +4 · Wireshark +4

Name of the Vulnerable Software and Affected Versions: Wireshark versions 3.6.0 through 3.6.16 Wireshark versions 4.0.0 through 4.0.8 Description: The issue is related to a memory leak in the RTPS dissector of Wireshark, which can be exploited to cause a denial of service. This can be achieved vi...

Moodle 4.0.x < 4.0.1 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.14, 3.10.x prior to 3.10.11, 3.11.x prior to 3.11.7 or 4.0.x prior to 4.0.1. It is, therefore, affected by multiple vulnerabilities: - A stored Cross-Site Scripting XSS vulnerability in ID numbers displayed when bulk...

Moodle 3.11.x < 3.11.8 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.15, 3.11.x prior to 3.11.8 or 4.0.x prior to 4.0.2. It is, therefore, affected by multiple vulnerabilities: - A code injection through an omitted execution parameter elading to Remote Code Execution RCE for sites running...

Moodle 4.0.x < 4.0.2 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.15, 3.11.x prior to 3.11.8 or 4.0.x prior to 4.0.2. It is, therefore, affected by multiple vulnerabilities: - A code injection through an omitted execution parameter elading to Remote Code Execution RCE for sites running...

Moodle 3.9.x < 3.9.18 Multiple Vulnerabilities

The version of Moodle installed on the remote host is 3.9.x prior to 3.9.18, 3.11.x prior to 3.11.11 or 4.0.x prior to 4.0.5. It is, therefore, affected by multiple vulnerabilities: - An information disclosure due to a user CSRF token being unnecessarily included in the URL during the redirection...

Joomla 4.0.x < 4.2.8 Joomla 4.2.8 Security Release (5878-joomla-4-2-8-security-release)

According to its self-reported version, the instance of Joomla! running on the remote web server is 4.0.x prior to 4.2.8. It is, therefore, affected by a vulnerability. - An improper access check allows unauthorized access to webservice endpoints. CVE-2023-23752 Note that Nessus has not tested fo...

SUSE CVE-2014-7203

libzmq aka ZeroMQ/C++ 4.0.x before 4.0.5 does not ensure that nonces are unique, which allows man-in-the-middle attackers to conduct replay attacks via unspecified vectors...

SUSE CVE-2016-6606

An issue was discovered in cookie encryption in phpMyAdmin. The decryption of the username/password is vulnerable to a padding oracle attack. This can allow an attacker who has access to a user's browser cookie file to decrypt the username and password. Furthermore, the same initialization vector...