MINI-9287-4939-RVVH

Bulletin has no description...

Atlassian Jira Service Management Data Center and Server 10.3.x < 10.3.16 / 11.0.x < 11.2.1 / 11.3.0 (JSDSERVER-16503)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16503 advisory. - Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue...

MiracleLinux 8 : python3.11-3.11.11-1.el8_10 (AXSA:2024-9396:32)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9396:32 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : python3.12-3.12.5-2.el9_5.2 (AXSA:2024-9442:17)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9442:17 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 python: Unbounded memory buffering in...

MiracleLinux 9 : python3.11-3.11.9-7.el9_5.2 (AXSA:2024-9495:34)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9495:34 advisory. python: Virtual environment venv activation scripts don't quote paths CVE-2024-9287 Tenable has extracted the preceding description block directly from the...

CGA-JV8R-5VRC-9287

Bulletin has no description...

Security Bulletin: Vulnerability in cipher-base affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in cipher-base has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...

RHEL 8 : python39:3.9 (RHSA-2025:23530)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:23530 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...

Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities

Summary IBM QRadar SIEM includes vulnerable components e.g., framework libraries that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID:CVE-2024-11168 DESCRIPTION: The urllib.parse.urlsplit and urlparse functions improperl...

EUVD-2019-9287

Malware in sbrugna...

Ubuntu: Security Advisory (USN-7746-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-4291 : node-cipher-base - security update

The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4291 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4291-1 [email protected] https://www.debian.org/lts/security/...

CVE-2025-9287 vulnerabilities

Vulnerabilities for packages: opensearch-dashboards...

[SECURITY] [DSA 5986-1] node-cipher-base security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5986-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 26, 2025 https://www.debian.org/security/faq -...

Debian dsa-5986 : node-cipher-base - security update

The remote Debian 12 / 13 host has a package installed that is affected by a vulnerability as referenced in the dsa-5986 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-5986-1 [email protected] https://www.debian.org/security/...

jupyter-bqplot-jupyterlab-0.5.46-12.1 on GA media (moderate)

jupyter-bqplot-jupyterlab-0.5.46-12.1 on GA media Announcement ID: openSUSE-SU-2025:15485-1 Rating: moderate Cross-References: CVE-2025-9287 CVSS scores: CVE-2025-9287 SUSE : 9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H CVE-2025-9287 SUSE : 9.1...

@5ht/express (>=1.0.6 <=2.2.0), @audius/sdk (>=0.0.3 <=7.1.1) +7 more potentially affected by CVE-2025-9287 via cipher-base (=1.0.4)

cipher-base NPM version =1.0.4 is affected by a known vulnerability. The following packages have a transitive dependency on cipher-base and may be impacted: - @5ht/express =1.0.6, =0.0.3, =6.0.4, =1.0.1, =1.5.2-beta.1, =1.0.0, =1.0.0, =0.2.0-beta.9, =0.2.0-beta.11 Source cves: CVE-2025-9287 Sourc...

CVE-2025-9287

Improper Input Validation vulnerability in cipher-base allows Input Data Manipulation.This issue affects cipher-base: through 1.0.4...

MAL-2025-9287 Malicious code in @sellerly/icons (npm)

The package @sellerly/icons was found to contain malicious code...

Security Bulletin: DataStage on Cloud Pak for Data is vulnerable to regular expression DoS and command injection due to the python package (CVE-2024-6232, CVE-2024-9287)

Summary Python is used by DataStage on Cloud Pak for Data as part of data processing functionality. Vulnerability Details CVEID:CVE-2024-6232 DESCRIPTION: There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed excessive backtracking during tarfile.TarFile...