CVE-2026-4048 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in UI in Progress ADC Products allows an authenticated attacker with “All” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in a custom WAF rule file during the file upload process...

CVE-2026-4048

creationtimestamp| type| source ---|---|--- 2026-04-20 11:13:25+00:00| seen| https://cyber.gc.ca/en/alerts-advisories/progress-security-advisory-av26-371 2026-04-20 17:21:32+00:00| seen| Telegram/hFxIO41xlFzh2jQkUD7ke9A61oBvDNutGhkEmwpRWmhNxw 2026-04-20 19:02:00+00:00| seen|...

EUVD-2026-4048

Missing Authorization vulnerability in cardpaysolutions Payment Gateway Authorize.Net CIM for WooCommerce authnet-cim-for-woo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway Authorize.Net CIM for WooCommerce: from n/a through = 2.1.2...

MiracleLinux 8 : openblas-0.3.15-4.el8 (AXSA:2022-4153:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-4153:02 advisory. lapack: Out-of-bounds read in larrv CVE-2021-4048 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Not...

TencentOS Server 3: firefox (TSSA-2023:0174)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0174 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 3: openblas (TSSA-2022:0238)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2022:0238 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

TencentOS Server 3: thunderbird (TSSA-2023:0169)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0169 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

TencentOS Server 2: thunderbird (TSSA-2023:0167)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0167 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

Oracle Linux 8 : xmlrpc-c (ELSA-2025-4048)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-4048 advisory. 1.51.0-11 - Restrict XML Entity Expansion Depth in libexpat CVE-2024-8176 Tenable has extracted the preceding description block directly from the Oracle Linux...

Linux Distros Unpatched Vulnerability : CVE-2021-4048

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack through version 3.10.0, as also used in OpenBLAS before versi...

Debian: Security Advisory (DLA-4048-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 7 : lapack (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - lapack: Out-of-bounds read in larrv CVE-2021-4048 Note that Nessus has not tested for this issue but has instead...

openSUSE: Security Advisory for MozillaFirefox (SUSE-SU-2023:3162-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2 : openblas (ALASR4-2023-001)

The version of openblas installed on the remote host is prior to 0.3.9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2R4-2023-001 advisory. An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack and OpenBLAS. A specially...

Mageia: Security Advisory (MGASA-2023-0266)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: openblas

Issue Overview: An out-of-bounds read flaw was found in the CLARRV, DLARRV, SLARRV, and ZLARRV functions in lapack and OpenBLAS. A specially crafted input passed to these functions could cause an application using lapack to crash or possibly disclose portions of its memory. CVE-2021-4048 Affected...

Ubuntu: Security Advisory (USN-6333-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 7 : thunderbird (ELSA-2023-4495)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-4495 advisory. 102.14.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.14.0-1 - Update to...

[SECURITY] [DLA 3523-1] firefox-esr security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3523-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort August 09, 2023 https://wiki.debian.org/LTS -...

RLSA-2023:4462 Important: firefox security update

Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.14.0 ESR. Security Fixes: Mozilla: Offscreen Canvas could have bypassed cross-origin restrictions CVE-2023-4045 Mozilla: Incorrect value used...