MiracleLinux 4 : rh-mysql56-mysql-5.6.38-1.AXS4 (AXSA:2017-2426:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2426:02 advisory. This update fixes several vulnerabilities in the MySQL database server. Information about these flaws can be found on the Oracle Critical Patch Upda...

EUVD-2019-11427

Malware in sbrugna...

EUVD-2020-3169

Malware in sbrugna...

EUVD-2020-23855

Malware in sbrugna...

EUVD-2016-0696

Malware in sbrugna...

EUVD-2024-26088

Malicious code in bioql PyPI...

EUVD-2022-44526

Malicious code in bioql PyPI...

EUVD-2022-34481

Malicious code in bioql PyPI...

EUVD-2025-7824

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-3251

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior an...

CVE-2024-37208

Server-Side Request Forgery SSRF vulnerability in Robert Macchi WP Scraper.This issue affects WP Scraper: from n/a through 5.7...

CVE-2024-29684

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF via the component /src/dede/makehtmlhomepage.php allowing a remote attacker to execute arbitrary code...

CVE-2024-28678

DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via the component /dede/articledescriptionmain.php...

CVE-2025-31098 WordPress DeBounce Email Validator plugin <= 5.7 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in debounce DeBounce Email Validator debounce-io-email-validator allows PHP Local File Inclusion.This issue affects DeBounce Email Validator: from n/a through = 5.7...

CVE-2025-27925

Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input...

WordPress plugin Ultimate TinyMCE 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress TinyMCE Plugin <= 5.7 is vulnerable to Cross Site Scripting (XSS)

Software TinyMCE Type Plugin Vulnerable versions = 5.7 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8627 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c0621a2e5fba Credits Francesco Carlucci Required privileg...

AZL-43015 CVE-2024-29039 affecting package tpm2-tools for versions less than 5.5.1-1

tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...

CVE-2024-29039

CVE-2024-29039 affects the tpm2-tools package (TPM 2.0 tools). The vulnerability arises when an attacker manipulates the TPML_PCR_SELECTION in the PCR input file, causing tpm2_checkquote to mis-map digest values to wrong PCR slots/banks and thereby present a misleading TPM state. Affected version...

CVE-2024-29039 Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state

tpm2 is the source repository for the Trusted Platform Module TPM2.0 tools. This vulnerability allows attackers to manipulate tpm2checkquote outputs by altering the TPMLPCRSELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a...