58838 matches found
Fedora 40 : java-17-openjdk (2025-15a818859e)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-15a818859e advisory. This is major rework of alternatives usage. We are finally! dropping the parallel installs support, and moving back to good, old java-xyz-openjdk major...
Wordfence Intelligence Weekly WordPress Vulnerability Report (February 17, 2025 to February 23, 2025)
Did you know Wordfence runs a Bug Bounty Program for all WordPress plugins and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability, for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...
Azure Linux 3.0 Security Update: expat / python3 (CVE-2024-28757)
The version of expat / python3 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28757 advisory. - libexpat through 2.6.1 allows an XML Entity Expansion attack when there is isolated use of external...
Amazon AppStream 2.0 Installed (macOS)
Binary data amazonappstream2macinstalled.nbin...
Amazon AppStream 2.0 Installed (Windows)
Binary data amazonappstream2wininstalled.nbin...
Schneider Electric EcoStruxure Geo SCADA Expert Web Server Detection
Binary data schneiderelectricecostruxuregeoscadaexpertwebdetect.nbin...
Dante Discovery Detection (Windows)
Binary data dantediscoverywininstalled.nbin...
Atlassian Jira Service Management Data Center and Server 10.3.1 (JSDSERVER-15978)
The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-15978 advisory. - The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerabl...
Amazon Linux 2 : kernel (ALAS-2025-2759)
The version of kernel installed on the remote host is prior to 4.14.355-275.591. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2759 advisory. In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR metho...
Qualys TotalCloud KCS Achieves Red Hat Vulnerability Scanner Certification
We’re excited to announce that Qualys TotalCloud Kubernetes and Container Security KCS has achieved the Red Hat Vulnerability Scanning Certification, reinforcing our commitment to unbiased, 6-sigma accurate vulnerability detection. By meeting Red Hat’s rigorous security standards, Qualys...
GHSA-5FQ7-4MXC-535H vulnerabilities
Vulnerabilities for packages: direnv, delve, jitsucom-bulker, eck-operator, tfsec, eksctl, tigera-operator-fips, kubernetes, local-static-provisioner, chartmuseum, git-lfs, harbor-registry-fips, kubernetes-dashboard-fips, cadvisor-fips, wave-fips, harbor-cli, gosu, stern, paranoia,...
Atlassian Jira Managefilters Information Disclosure
Atlassian Jira misconfiguration can allow a remote and unauthenticated attacker to enumerate a list of filters that may contain sensitive information. No source data...
Palo Alto PAN-OS Authentication Bypass
Palo Alto PAN-OS versions 10.1.14-h9 / 10.2.x 10.2.13-h3 / 11.1.x 11.1.6-h1 / 11.2.x 11.2.4-h4 are affected by a vulnerability allowing an attacker to bypass authentication and invoke certain PHP scripts via a specially forged request. No source data...
Atlassian Jira Public Dashboard Detected
Atlassian Jira misconfiguration can allow a remote and unauthenticated attacker to enumerate a list of dashboards that may contain sensitive information. No source data...
Magento Installed Packages
Binary data adobemagentopackageenum.nbin...
Adobe Commerce B2B Module Installed (Linux)
Binary data adobecommerceb2bnixinstalled.nbin...
Trimble Cityworks Web Detection
Binary data trimblecityworksdetect.nbin...
Siemens SIMATIC Devices Linux Kernel Use After Free (CVE-2022-47946)
An issue was discovered in the Linux kernel 5.10.x before 5.10.155. A use-after-free in io_sqpoll_wait_sq in fs/io_uring.c allows an attacker to crash the kernel, resulting in denial of service. finish_wait can be skipped. An attack can occur in some situations by forking a process and then quickly...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : emacs (SUSE-SU-2025:0599-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:0599-1 advisory. - CVE-2025-1244: improper handling of custom 'man' URI schemes allow for shell command injections...
Oracle Linux 9 : postgresql:15 (ELSA-2025-1741)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-1741 advisory. - Fixes: CVE-2024-10976 CVE-2024-10978 CVE-2024-10979 - Fix CVE-2024-0985 - Fixes CVE-2023-5868, CVE-2023-5869, CVE-2023-5870, CVE-2023-39417, and CVE-2023-3941...