CVE-2026-23741

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/astcoredumper runs as root, as noted by the NOTES tag on line 689 of the astcoredumper file. The script will source the conten...

CVE-2026-23741

Asterisk is an open source private branch exchange and telephony toolkit. Prior to versions 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2, the asterisk/contrib/scripts/astcoredumper runs as root, as noted by the NOTES tag on line 689 of the astcoredumper file. The script will source the conten...

Mozilla Firefox < 146.0.1

The version of Firefox installed on the remote Windows host is prior to 146.0.1. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-98 advisory. - Memory safety bugs present in Firefox 146. Some of these bugs showed evidence of memory corruption and we presume th...

Ubuntu: Security Advisory (USN-6658-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ILIAS <= 4.4.1 Multiple Vulnerabilities

ILIAS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ilias:ilias"; if description...

Ubuntu: Security Advisory (USN-4321-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:2924-1)

This update for qemu to version 2.9.1 fixes several issues. It also announces that the qed storage format will be no longer supported in SLE 15 fate324200. These security issues were fixed : - CVE-2017-15268: Qemu allowed remote attackers to cause a memory leak by triggering slow data-channel rea...

openSUSE Security Update : git-annex (openSUSE-2017-986)

This update for git-annex fixes the following issues : - CVE-2017-12976: Disallow hostname starting with a dash, which would get passed to ssh and be treated an option. This could be used by an attacker who provides a crafted repository url to cause the victim to execute arbitrary code via...

Double free

Double free vulnerability in the phpwddxprocessdata function in wddx.c in the WDDX extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via crafted XML data that is...

Gentoo Security Advisory GLSA 200504-19 (MPlayer)

The remote host is missing updates announced in advisory GLSA 200504-19. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

FreeBSD Ports: cyrus-imapd

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

PHP 3 &lt; 5 - Ini_Restore() &#039;Safe_mode&#039; / &#039;open_basedir&#039; Restriction Bypass

source: https://www.securityfocus.com/bid/19933/info PHP is prone to a 'safemode' and 'openbasedir' restriction-bypass vulnerability. Successful exploits could allow an attacker to access sensitive information or to write files in unauthorized locations. This vulnerability would be an issue in...

cyrus-imsp abook_dbname Buffer Overflow Vulnerability

The cyrus-imsp Internet Message Support Protocol daemon is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2003 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : XV (SSA:2005-195-02)

New XV image viewer packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. Format string and other issues could cause a crash or execution of arbitrary code if a specially crafted image is loaded with XV. %NASLMINLEVEL 70300 C Tenable Network Security...

DEBIAN-CVE-2004-0418

servenotify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical program data...