AlmaLinux 10 : vim (ALSA-2026:7711)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:7711 advisory. vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin CVE-2026-28417 vim: Vim: Denial of service and information disclosure via...

RHEL 10 : vim (RHSA-2026:7711)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:7711 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via OS command...

RHEL 8 : vim (RHSA-2026:6736)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6736 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via 'helpfile' optio...

RHEL 8 : vim (RHSA-2026:6731)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6731 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via 'helpfile' optio...

RHEL 10 : vim (RHSA-2026:6502)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:6502 advisory. Vim Vi IMproved is an updated and improved version of the vi editor. Security Fixes: vim: Vim: Arbitrary code execution via 'helpfile' opti...

Security update for smc-tools

This update for smc-tools fixes the following issues: Update to version 1.8.7 jscPED-14601. Security issues fixed: VUL-1: smc-tools: predictable /tmp file allows for local denial of service bsc1230052, bsc1258495. Other updates and bugfixes: smcrnics: fix regression when PFT not available...

MiracleLinux 8 : python3.12-3.12.5-2.el8_10 (AXSA:2024-8842:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8842:07 advisory. python: incorrect IPv4 and IPv6 private ranges CVE-2024-4032 cpython: python: email module doesn't properly quotes newlines in email headers, allowi...

CVE-2026-1002 Eclipse Vert.x Web static handler file access denial

The Vert.x Web static handler component cache can be manipulated to deny the access to static files served by the handler using specifically crafted request URI. The issue comes from an improper implementation of the C. rule of section 5.2.4 of RFC3986 and is fixed in Vert.x Core component used b...

CVE-2026-1002

CVE-2026-1002 affects the Vert.x Web static handler cache. The issue stems from an improper implementation of the RFC3986 C-rule (section 5.2.4), enabling an attacker to craft a URI (e.g., bar%2F..%2F) that can cause denial of access to static files served by the handler. Connected evidence indic...

EUVD-2018-3028

Malware in sbrugna...

EUVD-2011-2153

Malware in sbrugna...

EUVD-2016-5969

Malware in sbrugna...

EUVD-2016-8384

Malware in sbrugna...

EUVD-2017-7176

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-40565

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Segmentation fault caused by a null pointer dereference vulnerability exists in Gpac through 1.0.1 via the gfavcparsenalu function in avparsers.c when using...

Linux Distros Unpatched Vulnerability : CVE-2017-9994

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libavcodec/webp.c in FFmpeg before 2.8.12, 3.0.x before 3.0.8, 3.1.x before 3.1.8, 3.2.x before 3.2.5, and 3.3.x before 3.3.1 does not ensure that pixfmt is set...

Linux Distros Unpatched Vulnerability : CVE-2025-25193

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Netty, an asynchronous, event-driven network application framework, has a vulnerability in versions up to and including 4.1.118.Final. An unsafe reading of...

CVE-2024-53877

NVIDIA CUDA toolkit for all platforms contains a vulnerability in the nvdisasm binary, where a user could cause a NULL pointer exception by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability might lead to a partial denial of service...

CVE-2023-40549 Shim: out-of-bounds read in verify_buffer_authenticode() malformed pe file

An out-of-bounds read flaw was found in Shim due to the lack of proper boundary verification during the load of a PE binary. This flaw allows an attacker to load a crafted PE binary, triggering the issue and crashing Shim, resulting in a denial of service...

Updated ghostpcl packages fix security vulnerability

An integer overflow flaw was found in pcl/pl/plfont.c:418 in plglyphname in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format. CVE-2023-38560...