25171 matches found
Photon OS 4.0: Python3 PHSA-2025-4.0-0912
An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0912. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Exploit for OS Command Injection in Fortinet Fortiweb
OS Command Injection Vulnerability in Fortinet FortiWeb CVE-2...
Wireshark Security Update (wnpa-sec-2025-05) - Mac OS X
Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...
TVT NVMS-9000 安全漏洞
The TVT NVMS-9000 is a digital video recorder from China-based Tongwei TVT. A security vulnerability exists in the TVT NVMS-9000 prior to version 1.3.4, which stems from an OS command injection flaw in the inclusion of hardcoded API credentials and configuration services, which could lead to...
Important Photon OS Security Update - PHSA-2025-4.0-0913
Updates of 'linux' packages of Photon OS have been released...
VulnCheck KEV: CVE-2025-9528
A vulnerability was determined in Linksys E1700 1.0.0.4.003. This vulnerability affects the function systemCommand of the file /goform/systemCommand. Executing manipulation of the argument command can lead to os command injection. The attack may be launched remotely. The exploit has been publicly...
EUVD-2025-198519
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.5, macOS Sonoma 14.7.3. An app may be able to access sensitive user data...
CVE-2025-11935
With TLS 1.3 pre-shared key PSK a malicious or faulty server could ignore the request for PFS perfect forward secrecy and the client would continue on with the connection using PSK without PFS. This happened when a server responded to a ClientHello containing pskdheke without a keyshare...
CVE-2025-31248
CVE-2025-31248 involves a parsing issue in the handling of directory paths. The root cause is improper path validation, addressed by and fixed in macOS Ventura 13.7.3, macOS Sequoia 15.5, and macOS Sonoma 14.7.3. Impact per the sources: an app may be able to access sensitive user data due to the ...
Apple Safari和Apple macOS 安全漏洞
Apple Safari and Apple macOS are both products of Apple Inc. Apple Safari is a web browser that is the default browser shipped with the Mac OS X and iOS operating systems. apple macOS is a specialized operating system developed specifically for Mac computers. A security vulnerability exists in...
Apple多款产品 安全漏洞
Apple iOS is an operating system developed for mobile devices. apple macOS is a specialized operating system developed for Mac computers. apple iPadOS is an operating system for iPad tablet computers. A security vulnerability exists in several Apple products that originates from an out-of-bounds...
Apple macOS 安全漏洞
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that stems from insufficient path authentication, which could result in an application accessing sensitive user data. The followin...
Google Chrome < 88.0.4324.104 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 88.0.4324.104. It is, therefore, affected by multiple vulnerabilities as referenced in the 202101stable-channel-update-for-desktop19 advisory. - Inappropriate implementation in DevTools in Google Chrome prior to...
Google Chrome < 124.0.6367.78 Multiple Vulnerabilities
The version of Google Chrome installed on the remote macOS host is prior to 124.0.6367.78. It is, therefore, affected by multiple vulnerabilities as referenced in the 202404stable-channel-update-for-desktop24 advisory. - Use after free in Dawn in Google Chrome prior to 124.0.6367.78 allowed a...
TencentOS Server 4: pcs (TSSA-2025:0255)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0255 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: firefox (TSSA-2023:0181)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0181 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2025-36371
IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 are impacted by obtaining an information vulnerability in the database plan cache implementation. A user with access to the database plan cache could see information they do not have authority to view...
CVE-2025-37163
A command injection vulnerability has been identified in the command line interface of the HPE Aruba Networking Airwave Platform. An authenticated attacker could exploit this vulnerability to execute arbitrary operating system commands with elevated privileges on the underlying operating system...
CVE-2025-37158
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...
CVE-2025-37157
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation could allow an authenticated remote attacker to conduct a Remote Code Execution RCE on the affected system...