25 matches found
Important: Red Hat Security Advisory: giflib update
Please update...
Important: Red Hat Security Advisory: openexr update
Please update...
MiracleLinux 8 : libsndfile-1.0.28-16.el8_10 (AXSA:2024-9429:03)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-9429:03 advisory. libsndfile: Segmentation fault error in ogg_vorbis.c:417 vorbis_analysis_wrote() (CVE-2024-50612). Tenable has extracted the preceding description block directly fro...
PT-2025-36392
openSUSE Advisory: libsoup vulnerability CVE-2025-03091 patched. Severity: LOW. Impact: Local DoS. Action: Run sudo zypper update. Read more: 👉 https://t.co/JNYgziZl5i https://t.co/pM5GPVIlzo...
PT-2023-16288 · WordPress · Wp Dark Mode
Name of the Vulnerable Software and Affected Versions: WP Dark Mode WordPress plugin versions prior to 4.0.8 Description: The issue arises from improper sanitization of the style parameter in shortcodes, leading to Local File Inclusion. This can occur on servers where non-existent directories may...
PT-2019-2992 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: An information disclosure issue exists due to the Windows kernel's improper handling of objects in memory. This could allow an attacker to obtain information that could be used to further...
March 23, 2018—KB4088881 (Preview of Monthly Rollup)
March 23, 2018—KB4088881 Preview of Monthly Rollup Improvements and fixes This non-security update includes improvements and fixes that were a part of KB4088875 released March 13, 2018 and also includes these new quality improvements as a preview of the next Monthly Rollup update: Improves...
Out-of-band release for Security Bulletin MS15-078
Today, we released a security bulletin to provide an update for Microsoft Windows. Customers who have automatic updates enabled or apply the update, will be protected. We recommend customers apply the update as soon as possible, following the directions in the security bulletin. More information...
Thetis vulnerable to SQL injection
Overview Thetis provided by Sysphonic Co., Ltd. is an open source groupware and SNS. Thetis contains a SQL injection CWE-89 vulnerability. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attack...
Squid input validation vulnerability
Overview Squid contains a vulnerability where inputs are not properly validated. Squid is a caching proxy server. Squid contains a vulnerability where server responses that contain invalid values in the Content-Length of the HTTP header are sent to the client. Kazuho Oku reported this vulnerabili...
LG Electronics mobile access routers lack access restrictions
Overview LG Electronics mobile access routers provided by NTT DOCOMO, INC. lack access restrictions in the web administration interface. Taiga Asano reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attacke...
OS command injection vulnerability in multiple FUJITSU Android devices
Overview Multiple FUJITSU Android devices contain an OS command injection vulnerability. Masaaki Chida of GREE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact An attacker with local access may obtain...
File Explorer vulnerable to directory traversal
Overview File Explorer provided by NextApp, Inc. contains an issue in processing file names, which may result in a directory traversal CWE-22 vulnerability. Ryohei Koike of Sakura Information Systems Co., Ltd. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under...
Adobe Releases Security Update for Reader Mobile
Adobe has released a security update to address a vulnerability in Adobe Reader Mobile 11.1.3 and earlier versions for Android. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code via a crafted PDF document. US-CERT recommends that users and administrators...
EC-CUBE information disclosure vulnerability
Overview EC-CUBE from LOCKON CO.,LTD. is an open source system for creating shopping websites. EC-CUBE contains an information disclosure vulnerability. Gen Sato reported this vulnerability to the developer. JPCERT/CC coordinated with the developer under Information Security Early Warning...
Google Chrome WebGL Texture Information Disclosure Vulnerability (Windows)
This host is installed with Google Chrome and is prone to information disclosure vulnerability. OpenVAS Vulnerability Test $Id: gbgooglechromewebgltextureinfodiscvulnwin.nasl 7015 2017-08-28 11:51:24Z teissa $ Google Chrome WebGL Texture Information Disclosure Vulnerability Windows Authors: Shash...
Novell eDirectory DHost HTTPSTK buffer overflow
Added: 11/23/2009 BID: 37042 Background Novell eDirectory is a directory server which implements the LDAP protocol. eDirectory for Windows, Linux, and UNIX includes the DHost program, which runs under eDirectory and provides the functionality of the NetWare operating system. Problem A buffer...
Tuigwaa cross-site scripting vulnerability
Overview Tuigwaa, from the Tuigwaa Project, contains a cross-site scripting vulnerability. Tuigwaa from the Tuigwaa Project is open source software to develop web applications. Tuigwaa contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web...
[SA15970] Xerox WorkCentre Pro Multiple Vulnerabilities
Are you interested in a new job in IT security? Secunia has two open positions as Junior and Senior Specialist in IT security: http://secunia.com/secuniavacancies/...
Microsoft Security Bulletin MS05-020 Cumulative Security Update for Internet Explorer (890923)
Microsoft Security Bulletin MS05-020 Cumulative Security Update for Internet Explorer 890923 Issued: April 12, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows Impact of Vulnerability: Remote Code Execution Maximum Severity Rating: Critical...