WordPress Qwizcards < 3.95 - Cross-Site Scripting (Reflected)

The WordPress Qwizcards plugin before version 3.95 does not sanitise and escape the "themestylesheet" parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting vulnerability. id: CVE-2025-6174 info: name: WordPress Qwizcards alert'randstr'" matcher...

RockyLinux 8 : cloud-init (RLSA-2025:11324)

The remote RockyLinux 8 host has a package installed that is affected by a vulnerability as referenced in the RLSA-2025:11324 advisory. cloud-init: Cloud init permissions flaw CVE-2024-6174 Tenable has extracted the preceding description block directly from the RockyLinux security advisory. Note...

RLSA-2025:11324 Important: cloud-init security update

The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to retrieve and install SSH keys, and to let the user run various scripts. Security Fixes: cloud-init: Cloud init permissions flaw CVE-2024-6174 For more...

CVE-2026-6174

creationtimestamp| type| source ---|---|--- 2026-05-14 11:32:05+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3mlspt3koty2u...

Debian: Security Advisory (DSA-6174-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-RU-2026:20192-1 Recommended update for cloud-init

This update for cloud-init fixes the following issues: Changes in cloud-init: - Fix dependency replace -serial with -pyserial - Drop unneeded test dependency on httpretty, fixed long ago https://github.com/canonical/cloud-init/pull/1720 - Update to version 25.1.3 bsc1245401 , CVE-2024-6174,...

Azure Linux 3.0 Security Update: wireshark (CVE-2023-6174)

The version of wireshark installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6174 advisory. - SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted...

MiracleLinux 9 : golang-1.19.10-1.el9, go-toolset-1.19.10-1.el9 (AXSA:2023-6174:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6174:04 advisory. golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang: cmd/go: go command may execute arbitrary...

TencentOS Server 4: cloud-init (TSSA-2025:0573)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0573 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2025-2408)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP12 : cloud-init (EulerOS-SA-2025-2317)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this,cloud-init defau...

EulerOS 2.0 SP13 : cloud-init (EulerOS-SA-2025-2252)

According to the versions of the cloud-init package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : cloud-init is an industry-standard multi-distribution method for cross-platform cloud instance initialization by Canonical. There is a security...

Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2025-2252)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2025-2284)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AlmaLinux 10 : cloud-init (ALSA-2025:10844)

The remote AlmaLinux 10 host has a package installed that is affected by a vulnerability as referenced in the ALSA-2025:10844 advisory. cloud-init: Cloud init permissions flaw CVE-2024-6174 Tenable has extracted the preceding description block directly from the AlmaLinux security advisory. Note...

EUVD-2021-1579

Malware in sbrugna...

SUSE-SU-2025:20656-1 Security update for cloud-init

This update for cloud-init fixes the following issues: Update to version 25.1.3: - CVE-2024-6174: Unpriveleged user could trigger hotplug-hook commands bsc1245403. None security fixes: - Rebase cloud-init to 24.4 or higher bsc1239715, jscPED-8680. - Fixed cloud-init --debug status bsc1228414. -...

Ubuntu: Security Advisory (USN-7677-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-58f05c43ae)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory (FEDORA-2025-b93ee7b368)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...