Sensorweb ScadaBR 安全漏洞

Sensorweb ScadaBR is a set of open-source software developed by Sensorweb Corporation, designed for developing automated data acquisition and monitoring applications. Sensorweb ScadaBR has a security vulnerability, which stems from a reflection-type cross-site scripting issue in URL processing...

PT-2026-29059

In KubePlus 4.1.4, the mutating webhook and kubeconfiggenerator components have an SSRF vulnerability when processing the chartURL field of ResourceComposition resources. The field is only URL-encoded without validating the target address. More critically, when kubeconfiggenerator uses wget to...

CVE-2009-20008 Green Dam 3.17 URL Processing Buffer Overflow

Green Dam Youth Escort version 3.17 is vulnerable to a stack-based buffer overflow when processing overly long URLs. The flaw resides in the URL filtering component, which fails to properly validate input length before copying user-supplied data into a fixed-size buffer. A remote attacker can...

Facebook WhatsApp 安全漏洞

Facebook WhatsApp is a suite of mobile applications from Facebook Inc. in the United States that are based on the Android platform and utilize the network to deliver text messages. The application uses contact information in a smartphone to find contacts using the software to send texts, pictures...

CVE-2022-24700

An issue was discovered in WinAPRS 2.9.0. A buffer overflow in DIGI address processing for VHF KISS packets allows a remote attacker to cause a denial of service daemon crash via a malicious AX.25 packet over the air. NOTE: This vulnerability only affects products that are no longer supported by...

VulnCheck KEV: CVE-2025-2776

SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives...

Qualcomm Chipsets 安全漏洞

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets, which originates from memory corruption due to unverified processing of addresses by TME...

Linux Distros Unpatched Vulnerability : CVE-2023-0286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1STRING but the...

Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20220304.423)

The version of AHV installed on the remote host is prior to 20220304.423. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20220304.423 advisory. - An attacker could construct a PKCS 12 cert bundle in such a way that could allow for arbitrary memory writes via...

CBL Mariner 2.0 Security Update: cloud-hypervisor / edk2 / hvloader / openssl / rust (CVE-2023-0286)

The version of cloud-hypervisor / edk2 / hvloader / openssl / rust installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-0286 advisory. - There is a type confusion vulnerability relating to X.400 addres...

A flaw was found in Ceph relating to the URL processing on RGW backends. An attacker can exploit the URL processing by providing a null URL to crash the RGW causing a denial of service.

...

Oracle Linux 7 : edk2 (ELSA-2023-13026)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-13026 advisory. - Create new 20230821 release for OL8 which includes the following fixed CVEs: CVE-2019-14560 - Update to OpenSSL 1.1.1v which includes the following...

ABB RTU500 Series, AFS series and M2M Gateway Type Confusion in embedded OpenSSL (CVE-2023-0286)

A vulnerability exists in the OpenSSL that affects the RTU500 Series product versions listed below. RTU500 series CMU Firmware versions 12.0.1 – 12.0.15 12.2.1 – 12.2.12 12.4.1 – 12.4.12 12.6.1 – 12.6.9 12.7.1 – 12.7.6 13.2.1 – 13.2.6 13.3.1 – 13.3.3 13.4.2 M2M Gateway ARM600:...

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2464)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP11 : shim (EulerOS-SA-2023-2301)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an...

F5 Networks BIG-IP : OpenSSL vulnerability (K000132941)

The version of F5 Networks BIG-IP installed on the remote host is prior to 15.1.10 / 16.1.4 / 17.1.1. It is, therefore, affected by a vulnerability as referenced in the K000132941 advisory. There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName...

FreeBSD : Python -- multiple vulnerabilities (d86becfe-05a4-11ee-9d4a-080027eda32c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the d86becfe-05a4-11ee-9d4a-080027eda32c advisory. - The WP Limit Login Attempts WordPress plugin through 2.6.4 prioritizes getting a visitor's I...

EulerOS Virtualization 2.11.1 : edk2 (EulerOS-SA-2023-2083)

According to the versions of the edk2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Insufficient input validation in MdeModulePkg in EDKII may allow an unauthenticated user to potentially enable escalation of...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2023-1984)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : shim (EulerOS-SA-2023-1984)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - There is a type confusion vulnerability relating to X.400 address processing inside an X.509 GeneralName. X.400 addresses were parsed as an...