41 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-41854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Due to incorrect host parsing, applications that rely on UriComponentsBuilder to parse and validate an externally provided URL string may be exposed to a...
EUVD-2025-41854
Malicious code in sinta-ketoprak22-riris npm...
Linux Distros Unpatched Vulnerability : CVE-2022-41854
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an...
CVE-2022-41854 affecting package snakeyaml 1.25-2
CVE-2022-41854 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never applicable...
Fedora 37 : snakeyaml (2022-c01dd659fa)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-c01dd659fa advisory. Security fix for CVE-2022-41854. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus h...
CVE-2024-41854
creationtimestamp | type | source
---|---|---
2024-08-14 18:13:35+00:00 | seen | https://t.me/cvedetector/3158...
CVE-2024-41854
InDesign Desktop versions ID19.4, ID18.5.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in...
RHEL 9 : log4j (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - apache-commons-net: FTP client trusts the host from PASV response by default (CVE-2021-37533) - Those using...
RHEL 7 : dev-java_snakeyaml (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - dev-java/snakeyaml: DoS via stack overflow (CVE-2022-41854) Note that Nessus has not tested for this issue but has...
Security Bulletin: Multiple vulnerabilities in open source libraries affect IBM® Db2® Federated.
Summary: Multiple vulnerabilities in open source libraries affect IBM® Db2® Federated. These vulnerabilities were fixed in the images published on December 01, 2023 but the CVEs were not included in the bulletin. Vulnerability Details: CVEID: CVE-2022-1471 DESCRIPTION: SnakeYaml could allow a remote...
Moderate: Red Hat Security Advisory: AMQ Clients 2023.Q4
An update is now available for Red Hat AMQ Clients. Red Hat Product Security has rated this update as having an impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the Reference...
CVE-2023-41854
creationtimestamp | type | source
---|---|---
2023-10-10 12:29:49+00:00 | seen | https://t.me/cibsecurity/71889...
CVE-2023-41854
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Ltd. WpCentral plugin <= 1.5.7 versions...
CVE-2023-41854 WordPress wpCentral Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Ltd. WpCentral plugin <= 1.5.7 versions...
CVE-2023-41854
CVE-2023-41854 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress wpCentral plugin, affecting versions 1.5.7 and earlier. Public sources consistently state the issue allows unauthenticated CSRF actions against the plugin. Remediation advised by sources is to upgrade to a versio...
Medium: snakeyaml
Issue Overview: Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow. (CVE-2022-38752) Those using Snakeyaml to parse...
WordPress wpCentral Plugin <= 1.5.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software: wpCentral; Type: Plugin; Vulnerable versions: <= 1.5.7; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-41854; Patch priority: Low; CVSS severity: Low (5.4); Developer: Claim ownership; PSID: fd3ebefe9e97; Credits: Rio Darmawan; Required...
OESA-2023-1503 snakeyaml security update
SnakeYAML is a YAML parser and emitter for the Java Virtual Machine. YAML is a data serialization format designed for human readability and interaction with scripting languages. Security Fixes: Those using Snakeyaml to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS)...
Fedora 38 : picocli (2023-27ec59a486)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-27ec59a486 advisory. Update to version 4.7.4. Security fix for CVE-2022-41854. Tenable has extracted the preceding description block directly from the Fedora security...
Important: Red Hat Security Advisory: Red Hat Integration Camel for Spring Boot 3.18.3 Patch 2 release
Camel for Spring Boot 3.18.3 Patch 2 release and security update is now available. Red Hat Product Security has rated this update as having an impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability fr...