MiracleLinux 9 : motif-2.3.4-28.el9 (AXSA:2024-7932:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7932:01 advisory. libXpm: out of bounds read in XpmCreateXpmImageFromBuffer CVE-2023-43788 libXpm: out of bounds read on XPM with corrupted colormap CVE-2023-43789...

TencentOS Server 3: motif (TSSA-2024:0191)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0191 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

EUVD-2025-43789

Malicious code in jaja-saguer61-breki npm...

CVE-2025-43789

creationtimestamp| type| source ---|---|--- 2025-09-12 05:17:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lymj54begf2c...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the JSON Web Services published to OSGi. An attacker can gain unauthorized access to restricted service operations by invoking classes directly, which causes Service Access Policies to be executed. Remediatio...

CVE-2025-43789

JSON Web Services in Liferay Portal 7.4.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.Q1.9, 7.4 GA through update 92 published to OSGi are registered and invoked directly as classes which allows Service Access Policies get executed...

CVE-2025-43789

The CVE-2025-43789 issue affects Liferay Portal/Liferay DXP: JSON Web Services in Liferay Portal 7.4.0–7.4.3.119 and Liferay DXP 2024.Q1.1–2024.Q1.9 (7.4 GA through update 92 published to OSGi) are registered and invoked directly as classes, enabling Service Access Policies to be executed. Root c...

CVE-2025-43789

JSON Web Services in Liferay Portal 7.4.0 through 7.4.3.119, and Liferay DXP 2024.Q1.1 through 2024.Q1.9, 7.4 GA through update 92 published to OSGi are registered and invoked directly as classes which allows Service Access Policies get executed...

Linux Distros Unpatched Vulnerability : CVE-2023-43789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read...

NewStart CGSL MAIN 7.02 : libXpm Multiple Vulnerabilities (NS-SA-2025-0140)

The remote NewStart CGSL host, running version MAIN 7.02, has libXpm packages installed that are affected by multiple vulnerabilities: - A vulnerability was found in libXpm where a vulnerability exists due to a boundary condition, a local user can trigger an out-of-bounds read error and read...

TencentOS Server 4: libXpm (TSSA-2025:0096)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0096 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0142: motif (ALINUX3-SA-2024:0142)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0142 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-43788: A vulnerability was found ...

RLSA-2024:2217 Moderate: motif security update

The motif packages include the Motif shared libraries needed to run applications which are dynamically linked against Motif, as well as MWM, the Motif Window Manager. Security Fixes: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer CVE-2023-43788 libXpm: out of bounds read on XPM with...

RLSA-2024:2146 Moderate: libXpm security update

X.Org X11 libXpm runtime library. Security Fixes: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer CVE-2023-43788 libXpm: out of bounds read on XPM with corrupted colormap CVE-2023-43789 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and...

libXpm security update

An update is available for libXpm. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list X.Org X11 libXpm runtime library. Security Fixes: libXpm: out of bounds read i...

RLSA-2024:3022 Moderate: motif security update

The motif packages include the Motif shared libraries needed to run applications which are dynamically linked against Motif, as well as MWM, the Motif Window Manager. Security Fixes: libXpm: out of bounds read in XpmCreateXpmImageFromBuffer CVE-2023-43788 libXpm: out of bounds read on XPM with...

RockyLinux 9 : libXpm (RLSA-2024:2146)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:2146 advisory. libXpm: out of bounds read in XpmCreateXpmImageFromBuffer CVE-2023-43788 libXpm: out of bounds read on XPM with corrupted colormap CVE-2023-43789 Tenable...

Advisory ROSA-SA-2025-2784

Software: libXpm 3.5.12 OS: ROSA Virtualization 3.0 packageevrstring: libXpm-3.5.12-11.rv30 CVE-ID: CVE-2023-43788 BDU-ID: 2023-06887 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the XpmCreateXpmImageFromBuffer function of the X Pixmap Image File XPM libXpm library is related to reading data...

CVE-2024-43789

Discourse is an open source platform for community discussion. A user can create a post with many replies, and then attempt to fetch them all at once. This can potentially reduce the availability of a Discourse instance. This problem has been patched in the latest version of Discourse. All users...

Discourse < 3.3.1, 3.4.x < 3.4.0.beta1 DoS Vulnerability

Discourse is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...