163 matches found
Vulnerabilities fixed in HPE StoreOnce Software
HPE has fixed vulnerabilities in HPE StoreOnce Software. The vulnerabilities include command injection and remote code execution, which can lead to unauthorized access and control of affected systems. In addition, there are vulnerabilities for authentication bypass, directory traversal and...
Fedora: Security Advisory (FEDORA-2024-401f10a92f)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2022-39383
KubeVela is an open source application delivery platform. Users using the VelaUX APIServer could be affected by this vulnerability. When using Helm Chart as the component delivery method, the request address of the warehouse is not restricted, and there is a blind SSRF vulnerability. Users who're...
CVE-2021-34610
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager versions: Prior to 6.10.0, 6.9.6 and 6.8.9. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...
VMSA-2025-0009 : VMware Cloud Foundation updates address multiple vulnerabilities (CVE-2025-41229, CVE-2025-41230, CVE-2025-41231)
Advisory ID: | VMSA-2025-0009 ---|--- Advisory Severity: | Important CVSSv3 Range: | 7.3-8.2 Synopsis: | VMware Cloud Foundation updates address multiple vulnerabilities CVE-2025-41229, CVE-2025-41230, CVE-2025-41231 Issue date: | 2025-05-20 Updated on: | 2025-05-20 Initial Advisory CVEs |...
Oracle Linux 8 : .NET / 9.0 (ELSA-2025-7571)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2025-7571 advisory. 9.0.106-1.0.1 - Add support for Oracle Linux 9.0.106-1 - Update to .NET SDK 9.0.106 and Runtime 9.0.5 - Resolves: RHEL-89451 9.0.105-2 - Update to .NET SDK...
Alibaba Cloud Linux 3 : 0064: compat-exiv2-026 (ALINUX3-SA-2021:0064)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2021:0064 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2021-31291: REJECT DO NOT USE THIS CANDIDATE...
Alibaba Cloud Linux 3 : 0249: osbuild-composer (ALINUX3-SA-2024:0249)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0249 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-34156: Calling Decoder.Decode on a message...
Alibaba Cloud Linux 3 : 0022: mariadb:10.5 (ALINUX3-SA-2025:0022)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0022 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-22084: Vulnerability in the MySQL...
Alibaba Cloud Linux 3 : 0153: texlive (ALINUX3-SA-2023:0153)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0153 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-32700: LuaTeX before 1.17.0 allows executi...
Alibaba Cloud Linux 3 : 0022: tigervnc (ALINUX3-SA-2023:0022)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0022 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-0494: RESERVED This candidate has been...
Alibaba Cloud Linux 3 : 0089: postgresql-jdbc (ALINUX3-SA-2024:0089)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0089 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2024-1597: pgjdbc, the PostgreSQL JDBC Driver,...
Alibaba Cloud Linux 3 : 0068: libpq (ALINUX3-SA-2024:0068)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2024:0068 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-41862: In PostgreSQL, a modified,...
Alibaba Cloud Linux 3 : 0051: qt5 (ALINUX3-SA-2024:0051)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2024:0051 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-32573: In Qt before 5.15.14, 6.0....
CVE-2025-32917
Privilege escalation in jarsignature agent plugin in Checkmk versions 2.4.0b7 beta, 2.3.0p32, 2.2.0p42, and 2.1.0p49 EOL allow user with write access to JAVAHOME/bin directory to escalate privileges...
CVE-2023-53094
In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsllpuart: fix race on RX DMA shutdown From time to time DMA completion can come in the middle of DMA shutdown: : : lpuart32shutdown lpuartdmashutdown deltimersync lpuartdmarxcomplete lpuartcopyrxtotty modtimer...
CVE-2023-53037
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to the OS by the driver fails INQUIRY commands, the driver frees up the memory allocated for an interna...
CVE-2023-53117
In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file descriptor Google-Bug-Id: 114199369...
CVE-2023-53072
In the Linux kernel, the following vulnerability has been resolved: mptcp: use the workqueue to destroy unaccepted sockets Christoph reported a UaF at token lookup time after having refactored the passive socket initialization part: BUG: KASAN: use-after-free in tokenbucketbusy+0x253/0x260 Read o...
PT-2025-17705 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 16.7 through 17.9.7 GitLab CE/EE versions 17.10 through 17.10.5 GitLab CE/EE versions 17.11 through 17.11.1 Description: An issue has been discovered affecting service availability via issue preview in GitLab CE/EE. The...