SUSE: Security Advisory (SUSE-SU-2026:20195-1)
The remote host is missing an update for the...
PT-2026-6591
Name of the Vulnerable Software and Affected Versions: PHP-Fusion version 9.03.50. Description: The application does not properly sanitize user input before rendering it in a browser, which allows attackers to inject arbitrary JavaScript. This can be exploited by submitting crafted input to the pane...
Low: libxml2
Issue Overview: A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during...
Fedora 43 : pgadmin4 (2026-4e47f4d911)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-4e47f4d911 advisory. Regenerate vendor tarball. Fixes CVE-2025-13465. Tenable has extracted the preceding description block directly from the Fedora security advisory...
Fedora 43 : yarnpkg (2026-a75abb3f2b)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-a75abb3f2b advisory. Regenerate vendor tarball. Fixes CVE-2025-13465. Tenable has extracted the preceding description block directly from the Fedora security advisory...
RockyLinux 9 : fence-agents (RLSA-2026:1903)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1903 advisory. pyasn1: pyasn1: Denial of Service due to memory exhaustion from malformed RELATIVE-OID CVE-2026-23490 Tenable has extracted the preceding description block direct...
PT-2026-5931
Name of the Vulnerable Software and Affected Versions: n8n versions 1.65.0 through 1.114.2. Description: n8n is a workflow automation platform. The use of Buffer.allocUnsafe and Buffer.allocUnsafeSlow in the task runner allowed untrusted code to allocate uninitialized memory. This could result in...
PT-2026-5886
Name of the Vulnerable Software and Affected Versions: SportsPress plugin for WordPress versions through 2.7.26. Description: The SportsPress plugin for WordPress is susceptible to Local File Inclusion via the 'template name' attribute within shortcodes. This allows authenticated attackers with...
PT-2026-6067
Name of the Vulnerable Software and Affected Versions: Karel Electronics Industry and Trade Inc. ViPort versions through 23012026. Description: The software contains an Improper Neutralization of Input During Web Page Generation issue, specifically a Stored Cross-site Scripting (XSS) condition. This...
Fedora: Security Advisory (FEDORA-2026-08c12edc84)
The remote host is missing an update for the...
PT-2026-6229
Name of the Vulnerable Software and Affected Versions: Copyscape Premium versions through 1.4.1. Description: A Cross-Site Request Forgery issue exists in Copyscape Premium. This allows attackers to perform actions on behalf of an unsuspecting user. The issue affects Copyscape Premium. Recommendatio...
PT-2026-6219
Name of the Vulnerable Software and Affected Versions: Themefic Ultimate Addons for Contact Form 7 versions through 3.5.34. Description: An issue exists in Themefic Ultimate Addons for Contact Form 7 related to incorrectly configured access control security levels, potentially allowing unauthorized...
PT-2026-5775
Name of the Vulnerable Software and Affected Versions: Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress versions prior to 2.19.18. Description: The Spectra Gutenberg Blocks plugin for WordPress is susceptible to information disclosure. The plugin does not verify...
PT-2026-6223
Name of the Vulnerable Software and Affected Versions: WpEvently versions n/a through 5.0.8. Description: The software contains a flaw due to deserialization of untrusted data, which allows for object injection. This issue impacts WpEvently mage-eventpress. Recommendations: Update WpEvently to a...
PT-2026-6224
Name of the Vulnerable Software and Affected Versions: WP Chill Strong Testimonials versions through 3.2.20. Description: A missing authorization issue exists in WP Chill Strong Testimonials, allowing exploitation of incorrectly configured access control security levels. Recommendations: Update WP...
PT-2026-6252
Name of the Vulnerable Software and Affected Versions: Mizan Demo Importer versions through 0.1.3. Description: The Mizan Demo Importer software contains a flaw related to incorrectly configured access control security levels, potentially allowing unauthorized access. The issue is present in the...
PT-2026-6268
Name of the Vulnerable Software and Affected Versions: apko versions 0.14.8 through 1.0.9. Description: apko is a tool for building and publishing OCI container images from apk packages. A flaw exists in the expandapk.Split function where it drains the first gzip stream of an APK archive without...
PT-2026-6243
Name of the Vulnerable Software and Affected Versions: Hustle versions through 7.8.9.2. Description: A flaw exists in the wordpress-popup component of WPMU DEV - Your All-in-One WordPress Platform Hustle that allows the retrieval of embedded sensitive data. This could lead to an exposure of sensitiv...
PT-2026-6048
Name of the Vulnerable Software and Affected Versions: Foxit PDF Editor Cloud pdfonline versions prior to 2026-02-03. Description: Foxit PDF Editor Cloud pdfonline has a stored cross-site scripting issue in the Create New Layer feature. The application embeds unsanitized user input into the HTML...
PT-2026-6331
Name of the Vulnerable Software and Affected Versions: Blesta versions 3.x through 5.x before 5.13.3. Description: The software contains a flaw that allows for object injection. This issue is also known as CORE-5680. Recommendations: Update to version 5.13.3 or later...