EUVD-2022-45237

Malicious code in bioql PyPI...

EUVD-2022-46151

Malicious code in bioql PyPI...

moment-timezone

This repository is an add-on for Moment.js, a JavaScript library for working with dates and times. It provides support for timezones, allowing users to easily work with dates and times in different timezones. The repository contains a variety of files, including a Gruntfile.js, which is used to...

SUSE SLES15 / openSUSE 15 Security Update : java-1_8_0-ibm (SUSE-SU-2025:03262-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03262-1 advisory. Update to Java 8.0 Service Refresh 8 Fix Pack 50. Security issues fixed: - Oracle July 15 2025 CPU bsc1247754. -...

Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 50. Security issues fixed: Oracle July 15 2025 CPU bsc1247754. CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java applications th...

SUSE-SU-2025:03262-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 50. Security issues fixed: - Oracle July 15 2025 CPU bsc1247754. - CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java application...

SUSE SLES12 Security Update : java-1_8_0-ibm (SUSE-SU-2025:03236-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03236-1 advisory. Update to Java 8.0 Service Refresh 8 Fix Pack 50. Security issues fixed: - Oracle July 15 2025 CPU bsc1247754. - CVE-2025-30749: heap corrupti...

Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 50. Security issues fixed: Oracle July 15 2025 CPU bsc1247754. CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java applications th...

SUSE-SU-2025:03236-1 Security update for java-1_8_0-ibm

This update for java-180-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 50. Security issues fixed: - Oracle July 15 2025 CPU bsc1247754. - CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java application...

CVE-2025-9582 Comfast CF-N1 webmgnt ntp_timezone command injection

A flaw has been found in Comfast CF-N1 2.6.0. Affected is the function ntptimezone of the file /usr/bin/webmgnt. Executing manipulation of the argument timestr can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

MAL-2025-41495 Malicious code in @twork-data-services/customer-storage-api-v3-customer-timezone (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2025-50986

diskover-web v2.3.0 Community Edition suffers from multiple stored cross-site scripting XSS vulnerabilities in its administrative settings interface. Various configuration fields such as ESHOST, ESINDEXREFRESH, ESPORT, ESSCROLLSIZE, ESTRANSLOGSIZE, ESTRANSLOGSYNCINT, EXCLUDESFILES, FILETYPES,...

CVE-2025-50986

diskover-web v2.3.0 Community Edition suffers from multiple stored cross-site scripting XSS vulnerabilities in its administrative settings interface. Various configuration fields such as ESHOST, ESINDEXREFRESH, ESPORT, ESSCROLLSIZE, ESTRANSLOGSIZE, ESTRANSLOGSYNCINT, EXCLUDESFILES, FILETYPES,...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2025-10861)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10861 advisory. 1:1.8.0.462.b08-1.0.1 - Update to 8u462-b08 GA Orabug: 38248370 - Update release notes for 8u462-b08. - Require tzdata 2025b due to upstream inclusion...

CVE-2013-10049

An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize user-supplied input in the timeZone paramet...

CVE-2013-10049

An OS command injection vulnerability exists in multiple Raidsonic NAS devices—specifically tested on IB-NAS5220 and IB-NAS4220—via the unauthenticated timeHandler.cgi endpoint exposed through the web interface. The CGI script fails to properly sanitize user-supplied input in the timeZone paramet...

Tenda AC8V4 Buffer Overflow Vulnerability (CNVD-2025-17344)

The Tenda AC8V4 is a wireless router from Tenda China. Tenda AC8V4 suffers from a buffer overflow vulnerability that originates from a stack buffer overflow in the timeZone parameter in /goform/fastsettingwifiset, no detailed vulnerability details are provided at this time...

Oracle Linux 10 / 8 / 9 : java-21-openjdk (ELSA-2025-10873)

The remote Oracle Linux 10 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10873 advisory. 1:21.0.8.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.8.0.9-1.1 - Update to jdk-21.0.8+9 GA - Update release notes to 21.0.8...

java-1.8.0-openjdk security update

1:1.8.0.462.b08-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.462.b08-1 - Update to 8u462-b08 GA - Update release notes for 8u462-b08. - Require tzdata 2025b due to upstream inclusion of JDK-8352716 - Add early backport of JDK-8339414 - Sync the copy of the portable specfile with the...

Tenda AC20 Buffer Overflow Vulnerability

Tenda AC20 is a dual-band wireless router with IPv6 protocol support, featuring a triple-core 1GHz main controller with six 6dBi external antennas and a maximum wireless transmission rate of 2033Mbps. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from improper handli...