Amazon Linux 2023 : libXpm, libXpm-devel (ALAS2023-2026-1656)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1656 advisory. As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Tenable has extracted the preceding description block directly from the tested product security advisory. Note that Ness...

Siemens Teamcenter PDF.js Arbitrary Code Execution (SSA-827383)

The version of Siemens Teamcenter installed on the remote host is affected by a vulnerability: - A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. CVE-2024-4367 Note that Nessus has not tested for this issue but has...

Medium: libXpm

Issue Overview: As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Affected Packages: libXpm Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the difference between AL2 Core and AL2 Extras advisories. Issue Correctio...

Amazon Linux 2 : libXpm, --advisory ALAS2-2026-3291 (ALAS-2026-3291)

The version of libXpm installed on the remote host is prior to 3.5.12-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3291 advisory. As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 Tenable has extracted the preceding description...

libXpm-devel-3.5.18-2.1 on GA media (moderate)

libXpm-devel-3.5.18-2.1 on GA media Announcement ID: openSUSE-SU-2026:10608-1 Rating: moderate Cross-References: CVE-2026-4367 CVSS scores: CVE-2026-4367 SUSE : 6.3 CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H CVE-2026-4367 SUSE : 5.8 CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:N/VA:H/SC:N/SI:N/SA:...

CVE-2026-4367

creationtimestamp| type| source ---|---|--- 2026-04-22 02:01:17+00:00| seen| https://bsky.app/profile/slackers.it/post/3mk2fo63fp42q 2026-05-10 20:00:10+00:00| seen| https://jvn.jp/en/jp/JVN18013369...

SUSE CVE-2026-4367

unknown...

[slackware-security] libXpm

New libXpm packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/libXpm-3.5.19-i586-1slack15.0.txz: Upgraded. This update fixes a security issue: Out-of-bounds read in xpmNextWord. For more...

Linux Distros Unpatched Vulnerability : CVE-2026-4367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - As per upstream advisory: libXpm Out-of-bounds read in xpmNextWord CVE-2026-4367 CVE-2026-4367 Note that Nessus relies on the presence of the package as reporte...

Slackware Linux 15.0 / current libXpm Vulnerability (SSA:2026-111-01)

The version of libXpm installed on the remote host is prior to 3.5.19. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-111-01 advisory. New libXpm packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the preceding...

EUVD-2026-4367

Insertion of Sensitive Information Into Sent Data vulnerability in bPlugins B Accordion b-accordion allows Retrieve Embedded Sensitive Data.This issue affects B Accordion: from n/a through = 2.0.0...

MiracleLinux 7 : firefox-115.11.0-1.0.1.el7.AXS7 (AXSA:2024-7743:18)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7743:18 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

Debian: Security Advisory (DLA-4367-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-4367 : keystone - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4367 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-4367-1 [email protected] https://www.debian.org/lts/security/...

DLA-4367-1 keystone - security update

Bulletin has no description...

Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in pdfjs-dist-2.4.456.tgz

Summary Security Bulletin: IBM watsonx Orchestrate Developer Edition affected by vulnerability in pdfjs-dist-2.4.456.tgz Vulnerability Details CVEID:CVE-2024-4367 DESCRIPTION: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js...

Security Bulletin: IBM ICCSAP cross site scripting vulnerablity fix.

Summary Vulnerability were disclosed part of Cross Site Scripting With PDF Vulnerability Details CVEID:CVE-2024-4367 DESCRIPTION: A type check was missing when handling fonts in PDF.js, which would allow arbitrary JavaScript execution in the PDF.js context. This vulnerability affects Firefox 126,...

CVE-2007-4367

creationtimestamp| type| source ---|---|--- 2025-09-09 21:02:29+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lygmjfsfng22...

Exploit for Improper Check for Unusual or Exceptional Conditions in Mozilla Firefox

CVE-2024-4367 POC Usage bash python poc.py mal.pdf "a...

RHSA-2024:4367

creationtimestamp| type| source ---|---|--- 2025-08-01 19:46:22+00:00| seen| Telegram/O8FwmjqjKQMaQrdgMgHP9iBegxKxQxSENSkPsU2n4egHQc...