169 matches found
CVE-2019-25344
Wondershare MobileGo 8.5.0 is affected by an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators group,...
CVE-2019-25344 MobileGo 8.5.0 - Insecure File Permissions
Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators...
MiracleLinux 8 : gcc-8.5.0-3.el8 (AXSA:2021-2583:22)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2583:22 advisory. libiberty: Integer overflow in demangle_template function (CVE-2018-20673) Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 8 : gcc-8.5.0-23.el8_10.ML.1 (AXSA:2025-9683:07)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9683:07 advisory. jquery: Untrusted code execution via tag in HTML passed to DOM manipulation methods CVE-2020-11023 Tenable has extracted the preceding description block...
curl: CVE-2025-14524: bearer token leak on cross-protocol redirect
Summary: A vulnerability exists in libcurl regarding the handling of OAuth2 Bearer tokens (CURLOPT_XOAUTH2_BEARER) during HTTP redirects. While libcurl correctly clears standard authentication credentials (CURLOPT_USERPWD) when following a redirect to a different host, port, or protocol a security...
PT-2025-46206
Name of the Vulnerable Software and Affected Versions: Parse Server versions prior to 8.5.0-alpha.5. Description: Parse Server, an open-source backend deployable on Node.js infrastructures, allows any client to execute MongoDB explain queries without requiring the master key. The explain method...
Security Bulletin: IBM Watson Discovery Cartridge affected by vulnerability in deepdiff-8.5.0-py3-none-any.whl
Summary: IBM Watson Discovery Cartridge contains a vulnerable version of deepdiff-8.5.0-py3-none-any.whl. Vulnerability Details: CVEID: CVE-2025-58367. DESCRIPTION: DeepDiff is a project focused on Deep Difference and search of any Python data. Versions 5.0.0 through 8.6.0 are vulnerable to class...
EUVD-2018-11064
Malware in sbrugna...
EUVD-2015-4221
Malware in sbrugna...
CVE-2015-7342
JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field...
OESA-2025-1009 harfbuzz security update
HarfBuzz is a text-shaping engine. If you give HarfBuzz a font and a string containing a sequence of Unicode codepoints, HarfBuzz selects and positions the corresponding glyphs from the font, applying all of the necessary layout rules and font features. HarfBuzz then returns the string to you in...
UBUNTU-CVE-2024-56732
HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function...
HarfBuzz security vulnerability
HarfBuzz is an open-source text engine for OpenType fonts. A security vulnerability exists in HarfBuzz versions 8.5.0 through 10.0.1, which stems from a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function...
Microsoft Azure CycleCloud access control error vulnerability
Microsoft Azure CycleCloud is a suite of enterprise-friendly tools from Microsoft Corporation (USA) for orchestrating and managing high-performance computing (HPC) environments on Azure. An access control error vulnerability exists in Microsoft Azure CycleCloud. An attacker exploiting this...
Important: Red Hat Security Advisory: Red Hat Data Grid 8.5.0 security update
An update for Red Hat Data Grid 8 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...
OPENSUSE-SU-2024:13509-1 curl-8.5.0-1.1 on GA media
These are all security issues fixed in the curl-8.5.0-1.1 package on the GA media of openSUSE Tumbleweed...
Apache Tomcat 8.5.0 < 8.5.12
The version of Tomcat installed on the remote host is prior to 8.5.12. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.12_security-8 advisory. - While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M...
Apache Tomcat 8.5.0 < 8.5.38
The version of Tomcat installed on the remote host is prior to 8.5.38. It is, therefore, affected by a vulnerability as referenced in the fixed_in_apache_tomcat_8.5.38_security-8 advisory. - The HTTP/2 implementation in Apache Tomcat 9.0.0.M1 to 9.0.14 and 8.5.0 to 8.5.37 accepted streams with excessi...
PT-2024-19157 · Intel · Intel Dlb Driver
Name of the Vulnerable Software and Affected Versions: Intel(R) DLB driver software versions prior to 8.5.0 Description: The issue is related to improper input validation, which may allow an authenticated user to potentially cause a denial of service via local access. Recommendations: For versions...
RHEL 8 : tomcat (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - tomcat: EncryptInterceptor documentation mistake CVE-2022-29885 - The HTTP/2 implementation in Apache...