Azure Linux 3.0 Security Update: kernel (CVE-2025-38102)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-38102 advisory. - In the Linux kernel, the following vulnerability has been resolved: VMCI: fix race between...

Azure Linux 3.0 Security Update: kernel (CVE-2024-47709)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47709 advisory. - In the Linux kernel, the following vulnerability has been resolved: can: bcm: Clear bo-bcmprocread after...

Azure Linux 3.0 Security Update: kata-containers (CVE-2024-32650)

The version of kata-containers installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-32650 advisory. - Rustls is a modern TLS library written in Rust. rustls::ConnectionCommon::completeio could fall int...

CVE-2025-57786

A reflected cross-site scripting xss vulnerability exists in the notifynewstudy functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

CVE-2025-57786

A reflected cross-site scripting xss vulnerability exists in the notifynewstudy functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

MiracleLinux 7 : samba-4.10.16-9.0.1.el7.AXS7 (AXSA:2020-1012:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-1012:06 advisory. samba: Netlogon elevation of privilege vulnerability Zerologon CVE-2020-1472 samba: Missing handle permissions check in SMB1/2/3 ChangeNotify...

PT-2026-3607

A reflected cross-site scripting xss vulnerability exists in the notifynewstudy functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

ROS-20260120-7331

A vulnerability in the usbhscnotifyhotplug function of the USB driver drivers/usb/renesasusbhs/common.c of the Linux kernel is related to pointer dereferencing. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

MiracleLinux 8 : glibc-2.28-164.el8 (AXSA:2021-2585:08)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2585:08 advisory. glibc: Arbitrary read in wordexp CVE-2021-35942 glibc: Use-after-free in addgetnetgrentX function in netgroupcache.c CVE-2021-27645 glibc: mqnotify...

CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003969)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003969 advisory. A use after free in the Linux kernel File System notify functionality was found in the way user triggers copyinforecordstouser call to fail in copyeventtouser. A loc...

CVE-2025-34441

creationtimestamp| type| source ---|---|--- 2026-01-15 23:54:26+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/avideonotifyffmpegunauthrce.rb 2026-01-16 21:03:03+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3mckypdty5q2f...

CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

CVE-2025-67078

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

EUVD-2026-2752

Cross site scripting XSS vulnerability in Omnispace Agora Project before 25.10 allowing attackers to execute arbitrary code via the notify parameter of the file controller used to display errors...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003418)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003418 advisory. The mqnotify function in the Linux kernel through 4.11.9 does not set the sock pointer to NULL upon entry into the retry logic. During a user-space close of a Netlin...

CVE-2025-67078

Omnispace Agora Project contains a Cross Site Scripting (XSS) vulnerability in versions prior to 25.10. The issue arises in the file controller’s notify parameter used to display errors, enabling an attacker to execute arbitrary code in the context of the affected user. The CVE is documented acro...