Ubuntu: Security Advisory (USN-8060-7)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MiracleLinux 9 : gnutls-3.8.3-4.el9 (AXSA:2024-8060:06)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8060:06 advisory. gnutls: vulnerable to Minerva side-channel information leak CVE-2024-28834 gnutls: potential crash during chain building/verification CVE-2024-28835...

CVE-2025-8060

creationtimestamp| type| source ---|---|--- 2025-07-23 02:19:56+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114900152831880261 2025-07-23 04:48:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lum7p4xchj2j...

AlmaLinux 8 : firefox (ALSA-2025:8060)

The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2025:8060 advisory. firefox: Out-of-bounds access when resolving Promise objects CVE-2025-4918 firefox: Out-of-bounds access when optimizing linear sums CVE-2025-4919 Tenable...

CVE-2024-8060

OpenWebUI version 0.3.0 contains a vulnerability in the audio API endpoint /audio/api/v1/transcriptions that allows for arbitrary file upload. The application performs insufficient validation on the file.contenttype and allows user-controlled filenames, leading to a path traversal vulnerability...

CVE-2024-8060

OpenWebUI version 0.3.0 contains a vulnerability in the audio API endpoint /audio/api/v1/transcriptions that allows for arbitrary file upload. The application performs insufficient validation on the file.contenttype and allows user-controlled filenames, leading to a path traversal vulnerability...

CVE-2024-8060 Remote Code Execution in OpenWebUI via Arbitrary File Upload

OpenWebUI version 0.3.0 contains a vulnerability in the audio API endpoint /audio/api/v1/transcriptions that allows for arbitrary file upload. The application performs insufficient validation on the file.contenttype and allows user-controlled filenames, leading to a path traversal vulnerability...

CVE-2024-8060 Remote Code Execution in OpenWebUI via Arbitrary File Upload

OpenWebUI version 0.3.0 contains a vulnerability in the audio API endpoint /audio/api/v1/transcriptions that allows for arbitrary file upload. The application performs insufficient validation on the file.contenttype and allows user-controlled filenames, leading to a path traversal vulnerability...

SUSE CVE-2015-8060

Adobe Flash Player before 18.0.0.268 and 19.x and 20.x before 20.0.0.228 on Windows and OS X and before 11.2.202.554 on Linux, Adobe AIR before 20.0.0.204, Adobe AIR SDK before 20.0.0.204, and Adobe AIR SDK & Compiler before 20.0.0.204 allow attackers to execute arbitrary code or cause a denial o...

CVE-2019-8060

CVE-2019-8060 is a command injection vulnerability in Adobe Acrobat/Reader. Affected versions include 2019.012.20035 and earlier, 2017.011.30142/30143 and earlier, and 2015.006.30497/30498 and earlier, with successful exploitation enabling arbitrary code execution. Several connected advisories (e...

Adobe Reader < 2015.006.30499 / 2017.011.30144 / 2019.012.20036 Multiple Vulnerabilities (APSB19-41)

The version of Adobe Reader installed on the remote Windows host is a version prior to 2015.006.30499, 2017.011.30144, or 2019.012.20036. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier,...

Adobe Reader < 2015.006.30499 / 2017.011.30144 / 2019.012.20036 Multiple Vulnerabilities (APSB19-41) (macOS)

The version of Adobe Reader installed on the remote macOS host is a version prior to 2015.006.30499, 2017.011.30144, or 2019.012.20036. It is, therefore, affected by multiple vulnerabilities. - Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.3014...

Adobe Acrobat 2017 Security Updates (APSB19-41) - Windows

Adobe Acrobat 2017 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat";...

CVE-2018-8060

HWiNFO AMD64 Kernel driver (version 8.98 and earlier) is affected. An unprivileged user can send an IOCTL to the device driver, and if input/output buffers are NULL or data is invalid, a NULL/invalid pointer access occurs, causing a Windows kernel panic (BSOD). Affected IOCTLs are higher than 0x8...

CVE-2018-8060

HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver. If input and/or output buffer pointers are NULL or if these buffers' data are invalid, a NULL/invalid pointer access occurs, resulting in a Windows kernel panic aka Blue Screen. Th...

CVE-2016-8060

CVE-2016-8060 entry is rejected and not used, per the Initial Description.

CVE-2014-8060

...

CVE-2014-8060

CVE-2014-8060 is rejected/not used and does not represent an active vulnerability entry.

CVE-2017-8060

Acceptance of invalid/self-signed TLS certificates in "Panda Mobile Security" 1.1 for iOS allows a man-in-the-middle and/or physically proximate attacker to silently intercept information sent during the login API call...

CVE-2017-8060

The CVE describes a flaw in Panda Mobile Security for iOS 1.1 where the app accepts invalid/self-signed TLS certificates, enabling a man-in-the-middle to silently intercept data during the login API call. The connected CNVD/CNVD-related entries corroborate the same vulnerable behavior, focusing o...