151 matches found
Vulnerability fixed in GNU Inetutils telnetd
Security researchers have found a a vulnerability in Inetutils telnetd version 2.7. This vulnerability has been present since version 1.9.3 that came out in 2015, according to the researchers. The vulnerability is in the way the telnetd service handles the USER environment variable. By setting th...
MiracleLinux 8 : container-tools:4.0 (AXSA:2024-7735:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7735:01 advisory. buildah: full container escape at build time CVE-2024-1753 Tenable has extracted the preceding description block directly from the MiracleLinux security...
Security Bulletin: Multiple security vulnerabilities in Java may affect IBM Robotic Process Automation
Summary Multiple security vulnerabilities in Java affect IBM Robotic Process Automation. Java is used by IBM Robotic Process Automation as part of metrics and licening, and UMS. This bulletin identifies the fixes required to address these vulnerabilities. Vulnerability Details CVEID:CVE-2025-5305...
MiracleLinux 9 : vim-8.2.2637-23.el9_7 (AXSA:2025-11425:04)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11425:04 advisory. vim: Vim path traversal CVE-2025-53906 vim: Vim path traversial CVE-2025-53905 Tenable has extracted the preceding description block directly from...
CVE-2025-68455 Craft CMS vulnerable to potential authenticated Remote Code Execution via malicious attached Behavior
Craft is a platform for creating digital experiences. Versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16 are vulnerable to potential authenticated Remote Code Execution via malicious attached Behavior. Note that attackers must have administrator access to the Craft Control Panel for...
PT-2026-1257
Name of the Vulnerable Software and Affected Versions Centreon Infra Monitoring versions 25.10.0 through 25.10.1 Centreon Infra Monitoring versions 24.10.0 through 24.10.14 Centreon Infra Monitoring versions 24.04.0 through 24.04.18 Description The software contains an Improper Neutralization of...
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2025-2606)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2025-53282
Name of the Vulnerable Software and Affected Versions Assaf Parag Poll, Survey & Quiz Maker Plugin by Opinion Stage versions through 19.12.1 Description The Assaf Parag Poll, Survey & Quiz Maker Plugin by Opinion Stage has an issue related to incorrectly configured access control security levels,...
Fedora: Security Advisory (FEDORA-2025-67511a59e3)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-7873-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2025-47209
Name of the Vulnerable Software and Affected Versions code-projects Courier Management System version 1.0 Description A flaw exists in code-projects Courier Management System 1.0 that allows for remote code execution. The issue is located in the file /add-new-officer.php. Manipulation of the...
Debian: Security Advisory (DLA-4368-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
KLA90053 PE vulnerability in Microsoft SQL Server
An elevation of privilege vulnerability was found in Microsoft SQL Server. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2025-59499 Related products Microsoft-SQL-Server Microsoft-Azure CVE list CVE-2025-59499 critical KB list 5068405 5068403 5068401...
PT-2025-44903
Name of the Vulnerable Software and Affected Versions iOS versions prior to 18.7.2 iPadOS versions prior to 18.7.2 Description Visiting a malicious website may lead to address bar spoofing due to inadequate checks. Recommendations Update to iOS version 18.7.2 or later. Update to iPadOS version...
CVE-2025-52663
A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality remained unintentionally enabled. This issue could allow an attacker with access to the UniFi Talk management network to invoke internal debug operations through the device API. Affected Products:...
CVE-2025-52663
A vulnerability was identified in certain UniFi Talk devices where internal debugging functionality remained unintentionally enabled. This issue could allow an attacker with access to the UniFi Talk management network to invoke internal debug operations through the device API. Affected Products:...
Fedora: Security Advisory (FEDORA-2025-22fd93478b)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EUVD-2013-6174
Malware in sbrugna...
EUVD-2015-5111
Malware in sbrugna...
EUVD-2025-20425
Malicious code in bioql PyPI...