CVE-2021-47918

Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application...

PT-2026-5171

Name of the Vulnerable Software and Affected Versions NVIDIA Display Driver for Linux affected versions not specified Description The NVIDIA Display Driver for Linux contains a flaw in the NVIDIA kernel module that could allow an attacker to trigger an integer overflow or wraparound. Exploitation...

Azure Linux 3.0 Security Update: nginx (CVE-2024-7347)

The version of nginx installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7347 advisory. - NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker t...

MiracleLinux 8 : python3.11-3.11.9-1.el8_10 (AXSA:2024-8471:15)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8471:15 advisory. python: Path traversal on tempfile.TemporaryDirectory CVE-2023-6597 python: The zipfile module is vulnerable to zip-bombs leading to denial of servi...

MiracleLinux 4 : httpd-2.2.15-45.0.1.AXS4 (AXSA:2015-347:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-347:01 advisory. The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2013-5704 The modheaders module in th...

MiracleLinux 4 : httpd-2.2.15-31.0.1.AXS4 (AXSA:2014-468:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-468:02 advisory. Description : The Apache HTTP Server is a powerful, efficient, and extensible web server. Security issues fixed with this release: CVE-2014-0118 The...

CVE-2025-68967

Vulnerability of improper permission control in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

CVE-2025-68959

Permission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

PT-2026-2572

Vulnerability of improper permission control in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

PT-2026-2564

Permission verification bypass vulnerability in the media library module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

MiracleLinux 8 : perl-CPAN-2.18-402.el8_10 (AXSA:2025-9982:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9982:02 advisory. perl-CPAN: Bypass of verification of signatures in CHECKSUMS files CVE-2020-16156 Tenable has extracted the preceding description block directly from the...

CVE-2009-4526

The Send by e-mail sub-module in the Print aka Printer, e-mail and PDF versions module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, does not properly enforce privilege requirements, which allows remote attackers to read page titles by requesting a "Send to friend" form...

CVE-2021-22306

There is an out-of-bound read vulnerability in Mate 30 10.0.0.182C00E180R6P2. A module does not verify the some input when dealing with messages. Attackers can exploit this vulnerability by sending malicious input through specific module. This could cause out-of-bound, compromising normal service...

CVE-2022-38999

The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability...

CVE-2019-18664

The Log module in SECUDOS DOMOS before 5.6 allows XSS...

Security Bulletin: Kafka client library upgraded to kafka-clients-3.9.1

Summary Kafka client library upgraded to kafka-clients-3.9.1. Vulnerability Details CVEID:CVE-2025-27818 DESCRIPTION: A possible security vulnerability has been identified in Apache Kafka. This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to...

CVE-2025-15195 code-projects Assessment Management add-module.php sql injection

A vulnerability was determined in code-projects Assessment Management 1.0. Affected by this issue is some unknown functionality of the file /admin/add-module.php. This manipulation of the argument linked causes sql injection. The attack can be initiated remotely. The exploit has been publicly...

CVE-2025-56124

CVE-2025-56124 affects Ruijie X60 PRO routers (V1.00–V2.00). The vulnerability is an OS Command Injection in the module_get function invoked via a crafted POST to /usr/local/lua/dev_sta/networkConnect.lua, allowing an attacker to execute arbitrary commands with local privileges. Multiple sources ...

PT-2025-50681

Name of the Vulnerable Software and Affected Versions Ruijie RG-YST EST, YSTAP 3.01B11P280YST250F versions V1.xxV2.xx Description An OS Command Injection issue exists in Ruijie RG-YST EST, YSTAP 3.01B11P280YST250F. Successful exploitation allows attackers to execute arbitrary commands. This is...

CVE-2025-66323

Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect availability...