Photon OS 3.0: Vim PHSA-2023-3.0-0522
An update of the vim package has been released. #%NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0522. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) { script_id(20401...
Photon OS 3.0: Zchunk PHSA-2023-3.0-0683
An update of the zchunk package has been released. #%NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0683. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...
Photon OS 3.0: Lua PHSA-2023-3.0-0620
An update of the lua package has been released. #%NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0620. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) { script_id(20380...
Photon OS 5.0: Suricata PHSA-2024-5.0-0246
An update of the suricata package has been released. #%NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0246. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...
Photon OS 4.0: Shadow PHSA-2023-4.0-0536
An update of the shadow package has been released. #%NASL_MIN_LEVEL 80900 (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0536. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description)...
CVE-2024-21778
A heap-based buffer overflow vulnerability exists in the configuration file mibinitvaluearray functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted .dat file can lead to arbitrary code execution. An attacker can upload a malicious file to trigger this vulnerability...
PT-2024-9982 · Rockwell Automation · Rockwell Automation Arena
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Arena affected versions not specified Description: The issue is related to a "use after free" code execution vulnerability. This vulnerability could allow a threat actor to craft a DOE file and force the software to use a...
PHP Scripting Language Installed (Unix)
Binary data phpnixinstalled.nbin...
PT-2024-24185 · Unknown · Kliqqi-Cms
Name of the Vulnerable Software and Affected Versions: Kliqqi-CMS version 2.0.2 Description: The issue is related to SQL Injection in the load data.php file via the userid parameter. This allows for potential exploitation. Recommendations: For Kliqqi-CMS version 2.0.2, consider restricting access...
Delta Electronics DIAEnergie Hard-coded JWT Key (CVE-2022-3214)
Binary data deltaelectronicsdiaenergiecve-2022-3214.nbin...
PT-2024-17458
Name of the Vulnerable Software and Affected Versions: SourceCodester CRUD without Page Reload version 1.0 Description: A vulnerability was found in the file fetch data.php, where the manipulation of the username or city argument leads to cross-site scripting. The attack may be launched remotely...
CVE-2023-5130
A buffer overflow vulnerability exists in Delta Electronics WPLSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution...
PT-2024-1437 · Delta Electronics · Dopsoft
Name of the Vulnerable Software and Affected Versions: Delta Industrial Automation DOPSoft affected versions not specified Description: A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. A remote,...
Delta Electronics DOPSoft Security Vulnerability
Delta Electronics DOPSoft is a set of Human Machine Interface HMI software from Delta Electronics, Taiwan, China. A security vulnerability exists in Delta Electronics DOPSoft that originates from a buffer overflow vulnerability when parsing the wKPFStringLen field of a DPS file...
Low: curl
Issue Overview: When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use. CVE-2023-46219 Affected Packages: curl Issue Correction: Run dnf update curl --releasev...
DEBIAN-CVE-2023-49342
Temporary data passed between application components by Budgie Extras Clockworks applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may pre-create and control this file to present false...
PT-2023-31175 · Unknown +3 · Budgie Extras +3
Name of the Vulnerable Software and Affected Versions: Budgie Extras affected versions not specified Description: Temporary data passed between application components by the Budgie Extras Window Shuffler applet could potentially be viewed or manipulated. The data is stored in a location that is...
CLSA-2023-1702324842 Fix CVE(s): CVE-2023-23583
SECURITY UPDATE: New microcode data file 2023-11-14 - Updated microcodes: sig 0x000606a6, pfmask 0x87, 2023-09-01, rev 0xd0003b9, size 299008 sig 0x000606c1, pfmask 0x10, 2023-09-08, rev 0x1000268, size 290816 sig 0x000706e5, pfmask 0x80, 2023-09-03, rev 0x00c2, size 113664 sig 0x000806c1, pfmask...
CVE-2023-6306
A vulnerability classified as critical has been found in SourceCodester Free and Open Source Inventory Management System 1.0. Affected is an unknown function of the file /ample/app/ajax/memberdata.php. The manipulation of the argument columns leads to sql injection. It is possible to launch the...
PT-2023-32606 · Unknown · Sourcecodester Free/Open Source Inventory Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Free and Open Source Inventory Management System version 1.0 Description: A critical issue has been discovered, affecting an unknown function of the file /ample/app/ajax/member data.php. The manipulation of the columns argument...