12 matches found
MiracleLinux 4 : icedtea-web-1.6.2-1.0.1.AXS4 (AXSA:2016-504:01)
The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2016-504:01 advisory. The IcedTea-Web project provides a Java web browser plugin, an implementation of Java Web Start originally based on the Netx project and a settings...
Linux Distros Unpatched Vulnerability : CVE-2025-58066
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive, servers which...
SUSE CVE-2025-58066
ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive, servers which allow non-NTS traffic are affected by a denial of service vulnerability, where an attacker can induce a message storm between two NTP...
DEBIAN-CVE-2025-58066
ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive, servers which allow non-NTS traffic are affected by a denial of service vulnerability, where an attacker can induce a message storm between two NTP...
CVE-2025-58066
ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive, servers which allow non-NTS traffic are affected by a denial of service vulnerability, where an attacker can induce a message storm between two NTP...
CVE-2025-58066 DoS Vulnerability in ntpd-rs
ntpd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive, servers which allow non-NTS traffic are affected by a denial of service vulnerability, where an attacker can induce a message storm between two NTP...
GHSA-4855-Q42W-5VR4 DoS Vulnerability in ntpd-rs
Summary: A denial of service vulnerability was discovered in ntpd-rs where an attacker can induce a message storm between two NTP servers running ntpd-rs. Details: Since version 1.2.0, ntpd-rs, when configured as a server, incorrectly responded to all NTP messages sent to the server's port with a ti...
CVE-2024-12478
InvoicePlane 1.x is affected up to 1.6.1 by CVE-2024-12478 due to unrestricted upload via the upload_file function at /index.php/upload/upload_file/1/1. The issue allows remote abuse of the file parameter to upload arbitrary content. A fixed version is 1.6.2-beta-1; upgrading addresses the vulner...
PT-2024-17708 · Unknown · Invoiceplane
Name of the Vulnerable Software and Affected Versions: InvoicePlane versions up to 1.6.1. Description: A vulnerability was found in InvoicePlane, affecting some unknown functionality of the file /invoices/view. The manipulation leads to session expiration. The attack may be launched remotely, with...
PT-2024-17570 · Unknown · Invoiceplane
Name of the Vulnerable Software and Affected Versions: InvoicePlane versions up to 1.6.1. Description: A vulnerability was found in InvoicePlane, affecting the function download of the file invoices.php. The manipulation of the invoice argument leads to path traversal. It is possible to initiate t...
PT-2022-26169 · Flarum · Flarum
Name of the Vulnerable Software and Affected Versions: Flarum versions 1.5.0 through 1.6.1. Description: The issue arises from Flarum's page title system, which allowed page titles to be converted into HTML DOM nodes when pages were rendered. This enabled an attacker to inject malicious HTML marku...
PT-2021-11163 · Hashicorp · Hashicorp Vault +1
Name of the Vulnerable Software and Affected Versions: HashiCorp Vault and Vault Enterprise versions prior to 1.5.7; HashiCorp Vault and Vault Enterprise versions prior to 1.6.2. Description: The issue allows for enumeration of Secrets Engine mount paths via unauthenticated HTTP requests...