ROS-20260112-7337

A vulnerability in the auditmatchperm function of the kernel/auditsc.c module of the Linux kernel is related to insufficient input data validation. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

[R1] Nessus Version 8.15.6 Fixes Multiple Vulnerabilities

R1 Nessus Version 8.15.6 Fixes Multiple Vulnerabilities Arnie Cabral Tue, 08/09/2022 - 19:14 Two separate vulnerabilities that utilize the Audit functionality in Nessus were discovered, reported and fixed. 1. CVE-2022-32973 - An authenticated attacker could create an audit file that bypasses...

Semrush: XXE in Site Audit function exposing file and directory contents

Summary: The Project Site Audit function is vulnerable to XXE when parsing sitemap.xml files. Description: The Site Audit function spiders a given website and performs analysis on the discovered pages. In order to improve website spidering the URL of a sitemap.xml file can be provided. If provide...

IBM DB2/DB2 Connect Information Disclosure Vulnerability

IBM DB2 is a large commercial relational database system. An information disclosure vulnerability exists in IBM DB2 and IBM DB2 Connect, where an authenticated remote DB2 user can execute a series of commands to obtain passwords within ENCRYPT/DECRYPT UDF or federated DDL SQL statements via the...