122 matches found

ATTACKERKB
added 2026/04/08 8:30 a.m. | 2 views

CVE-2026-39677

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Emphires emphires allows PHP Local File Inclusion. This issue affects Emphires: from n/a through <= 3.9...

AI score: 5.9, EPSS: 0.00147
Exploits: 0, References: 2

CVE
added 2026/04/08 8:30 a.m. | 4 views

CVE-2026-39677

The CVE describes a PHP Local File Inclusion in the WordPress Emphires theme (Creatives_Planet Emphires) versions up to 3.9, caused by improper control of filename for include/require statements (PHP Remote File Inclusion). Affects Emphires

CVSS: 7.5, AI score: 5.9, EPSS: 0.00147
Exploits: 0, References: 1

NVD
added 2026/03/25 5:16 p.m. | 1 view

CVE-2026-22520

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Handmade Framework handmade-framework allows Reflected XSS. This issue affects Handmade Framework: from n/a through <= 3.9...

CVSS: 7.1, EPSS: 0.00045
Exploits: 0, References: 1

Cvelist
added 2026/03/25 4:14 p.m. | 22 views

CVE-2026-22520 WordPress Handmade Framework plugin <= 3.9 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Handmade Framework handmade-framework allows Reflected XSS. This issue affects Handmade Framework: from n/a through <= 3.9...

CVSS: 7.1, EPSS: 0.00045
Exploits: 0, References: 1

OSV
added 2026/03/23 10:10 a.m. | 1 view

RHSA-2026:5218 Red Hat Security Advisory: python3.9 security update

Bulletin has no description...

CVSS: 7.1, AI score: 6.8, EPSS: 0.00238
Exploits: 0, References: 26

Fedora
added 2026/01/24 1:36 a.m. | 3 views

[SECURITY] Fedora 42 Update: python3.9-3.9.25-3.fc42

Python 3.9 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.9, see other distributions that support it, such as CentOS or RHEL or older Fedo...

CVSS: 6.3, AI score: 7.3, EPSS: 0.00128
Exploits: 0

Tenable Nessus
added 2026/01/20 12:00 a.m. | 4 views

MiracleLinux 9 : python3.9-3.9.18-1.el9 (AXSA:2023-6804:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6804:05 advisory. python: tarfile module directory traversal CVE-2007-4559 Tenable has extracted the preceding description block directly from the MiracleLinux security...

CVSS: 9.8, AI score: 7.7, EPSS: 0.89361
Exploits: 3, References: 2

Tenable Nessus
added 2026/01/16 12:00 a.m. | 1 view

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000555)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000555 advisory. The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local...

CVSS: 4.9, AI score: 6.1, EPSS: 0.00103
Exploits: 0, References: 14

Tenable Nessus
added 2026/01/15 12:00 a.m. | 1 view

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002456)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002456 advisory. The llc_ui_recvmsg function in net/llc/af_llc.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain...

CVSS: 4.7, AI score: 6.2, EPSS: 0.00102
Exploits: 0, References: 15

Tenable Nessus
added 2026/01/15 12:00 a.m. | 2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002313)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002313 advisory. The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local...

CVSS: 4.9, AI score: 6.1, EPSS: 0.00103
Exploits: 0, References: 14

Tenable Nessus
added 2026/01/15 12:00 a.m. | 1 view

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001812)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001812 advisory. Memory leak in the __kvm_set_memory_region function in virt/kvm/kvm_main.c in the Linux kernel before 3.9 allows local users to cause a denial of service memory consumptio...

CVSS: 4, AI score: 7.2, EPSS: 0.00087
Exploits: 1, References: 19

Tenable Nessus
added 2026/01/13 12:00 a.m. | 3 views

MiracleLinux 9 : python3.9-3.9.21-2.el9_6.1 (AXSA:2025-10620:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10620:02 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside...

CVSS: 9.4, AI score: 6.7, EPSS: 0.01012
Exploits: 14, References: 6

NVD
added 2026/01/08 5:15 p.m. | 2 views

CVE-2026-22521

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in G5Theme Handmade Framework handmade-framework allows PHP Local File Inclusion. This issue affects Handmade Framework: from n/a through <= 3.9...

CVSS: 7.5, EPSS: 0.0022
Exploits: 0, References: 1

Vulnrichment
added 2026/01/08 4:18 p.m. | 2 views

CVE-2026-22521 WordPress Handmade Framework plugin <= 3.9 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in G5Theme Handmade Framework handmade-framework allows PHP Local File Inclusion. This issue affects Handmade Framework: from n/a through <= 3.9...

CVSS: 7.5, AI score: 5.8, EPSS: 0.0022
Exploits: 0, References: 1

Vulnrichment
added 2025/12/29 5:05 a.m. | 1 view

CVE-2025-15069 Privilege Escalation in Gmission Web FAX

Improper Authentication vulnerability in Gmission Web Fax allows Privilege Escalation. This issue affects Web Fax: from 3.0 before 3.0.1...

CVSS: 8.4, AI score: 6.5, EPSS: 0.0001
Exploits: 0, References: 1

RedhatCVE
added 2025/12/16 8:44 p.m. | 1 view

CVE-2023-53888

Zomplog 3.9 contains a remote code execution vulnerability that allows authenticated attackers to inject and execute arbitrary PHP code through file manipulation endpoints. Attackers can upload malicious JavaScript files, rename them to PHP, and execute system commands by exploiting the saveE and...

CVSS: 8.8, AI score: 8.5, EPSS: 0.00856
Exploits: 1, References: 1

EUVD
added 2025/10/03 8:07 p.m. | 1 view

EUVD-2022-38016

Malicious code in bioql PyPI...

CVSS: 6.1, AI score: 6.4, EPSS: 0.00247
Exploits: 0, References: 2

Tenable Nessus
added 2025/09/10 12:00 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2021-32472

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Teachers exporting a forum in CSV format could receive a CSV of forums from all courses in some circumstances. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6 and...

CVSS: 4.3, AI score: 6.2, EPSS: 0.00298
Exploits: 0, References: 2

OSV
added 2025/09/02 10:03 a.m. | 3 views

RHSA-2025:15019 Red Hat Security Advisory: python3.9 security update

Bulletin has no description...

CVSS: 7.5, AI score: 7, EPSS: 0.01007
Exploits: 0, References: 10

Debian
added 2025/08/24 8:57 p.m. | 3 views

[SECURITY] [DLA 4281-1] iperf3 security update

Debian LTS Advisory DLA-4281-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk August 24, 2025 https://wiki.debian.org/LTS -...

CVSS: 10, AI score: 7.5, EPSS: 0.00291
Exploits: 0