5124 matches found
Siemens SIMATIC CN 4100
SUMMARY SIMATIC CN 4100 contains multiple vulnerabilities which could potentially lead to a compromise in availability, integrity and confidentiality. Siemens has released a new version for SIMATIC CN 4100 and recommends to update to the latest version. 2. GENERAL RECOMMENDATIONS As a general...
CLSA-2025-1765231763 golang: Fix of 3 CVEs
Update to Go 1.22.9 - Remove CVE-2024-34155, CVE-2024-34156, and CVE-2024-34158 patches - Remove fix-standard-crypto-panic.patch no longer needed - Add disablestatictestspart1.patch and disablestatictestspart2.patch to disable OpenSSL backend for static builds - Add...
Exploit for Deserialization of Untrusted Data in Facebook React
Next.js RCE Patcher CVE-2025-55182 A simple, automated tool...
Security update for himmelblau (important)
openSUSE security update: security update for himmelblau ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20114-1 Rating: important References: bsc1249013 bsc1250687 Cross-References: CVE-2025-58160 CVE-2025-59044 CVSS scores: CVE-2025-58160 SUSE : 3...
Security update for cpp-httplib (important)
openSUSE Security Update: Security update for cpp-httplib Announcement ID: openSUSE-SU-2025:0446-1 Rating: important References: 1242777 1245414 1246468 1246471 Cross-References: CVE-2025-46728 CVE-2025-52887 CVE-2025-53628 CVE-2025-53629 CVSS scores: CVE-2025-46728 SUSE: 8.2...
OPENSUSE-SU-2025:20114-1 Security update for himmelblau
This update for himmelblau fixes the following issues: - Update to version 0.9.23+git.0.9776141: CVE-2025-59044: Fixed GID collision of same-name groups allowing privilege escalation bsc1250687 depsrust: bump the all-cargo-updates group CVE-2025-58160: tracing-subscriber: Fixed log pollution...
Security Bulletin: IBM Informix updated to use the latest version of Netty to handle the Netty vulnerability.
Summary Netty version updated to 4.1.118.Final in Informix 12.10.xC16W2 and 4.1.121.Final in Informix 14.10.XC12. Vulnerability Details CVEID:CVE-2024-47535 DESCRIPTION: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance...
TencentOS Server 4: golang (TSSA-2025:0328)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0328 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 4: exiv2 (TSSA-2024:0274)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0274 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
TencentOS Server 3: java-1.8.0-openjdk (TSSA-2022:0005)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0005 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
PT-2025-47185
Name of the Vulnerable Software and Affected Versions Glob versions 10.3.7 through 11.0.3 Description The glob command-line interface contains a command injection issue in its -c/--cmd option. This allows arbitrary command execution when processing files with maliciously crafted names. When using...
Symfony Incorrect Authorization Vulnerability (GHSA-3rg7-wf37-54rm)
Symfony is prone to an incorrect authorization vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:sensiolabs:symfony"...
AWS Advanced Python Wrapper: Privilege Escalation in Aurora PostgreSQL instance
Description of Vulnerability: An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rdssuperuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service RDS...
Fedora 44 : docker-buildx (2025-0e21b6af8e)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-0e21b6af8e advisory. Automatic update for docker-buildx-0.30.0-1.fc44. Changelog Wed Nov 12 2025 Bradley G Smith - 0.30.0-1 - Update to release v0.30.0 - Resolves:...
MAL-2025-173777 Malicious code in butry-toi-milo (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1ccbc6875111697d59681fe31c7d8ca2ae4a3534c7b0ec7694bcd55ab9e00b07 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Incorrect Authorization
Overview symfony/http-foundation is a component defines an object-oriented layer for the HTTP specification. Affected versions of this package are vulnerable to Incorrect Authorization due to the Request class improperly interpreting some PATHINFO in a way that leads to representing some URLs wit...
SUSE-SU-2025:4077-1 Security update for runc
This update for runc fixes the following issues: Update to runc v1.3.3. Upstream changelog is available from . bsc1252232 CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 Update to runc v1.3.2. Upstream changelog is available from bsc1252110 - Includes an important fix for the CPUSet translation for...
PT-2025-46699
Name of the Vulnerable Software and Affected Versions Open Access Management OpenAM versions prior to 16.0.0 Description Open Access Management OpenAM contains a flaw where, if the claims parameter supported parameter is enabled, the "oidc-claims-extension.groovy" script allows injection of...
Fedora 43 : rubygem-rack (2025-b6e0f437b6)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-b6e0f437b6 advisory. Update to Rack 3.1.19 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
PT-2025-46713
Name of the Vulnerable Software and Affected Versions cups-filters versions prior to 1.28.18 Description cups-filters includes backends, filters, and other software needed for the CUPS printing service. A flaw exists where a specially crafted PDF file with a large MediaBox value can cause an...