Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2026-1398)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libarchive (EulerOS-SA-2026-1281)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2025-60753

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libarchive bsdtar before version 3.8.1 in function applysubstitution in file tar/subst.c when processing crafted -s substitution rule...

CVE-2025-48924 affecting package apache-commons-lang3 for versions less than 3.8.1-6

CVE-2025-48924 affecting package apache-commons-lang3 for versions less than 3.8.1-6. A patched version of the package is available...

CVE-2024-30473

Dell ECS, versions prior to 3.8.1, contain a privilege elevation vulnerability in user management. A remote high privileged attacker could potentially exploit this vulnerability, gaining access to unauthorized end points...

PT-2024-22818 · Unknown · Ninja Forms

Name of the Vulnerable Software and Affected Versions: Ninja Forms versions prior to 3.8.1 Description: The issue is related to a cross-site scripting vulnerability in custom fields for labels. If exploited, an arbitrary script may be executed on the web browser of the user accessing the website...

PT-2024-5195 · Dell · Dell Ecs

Name of the Vulnerable Software and Affected Versions: Dell ECS versions prior to 3.8.1 Description: The issue is related to insufficient access control in the Dell EMC Elastic Cloud Storage ECS platform, which can be exploited by a remote attacker to elevate their privileges. A high-privileged...

Apache James Input Validation Error Vulnerability

Apache James is an open source Smtp and Pop3 mail transfer agent and Nntp news server from the Apache Foundation written entirely in Java. An input validation error vulnerability exists in Apache James versions prior to 3.8.1 and prior to 3.7.5, which stems from a difference in line separator...

CVE-2024-1309

Uncontrolled Resource Consumption vulnerability in Honeywell Niagara Framework on Windows, Linux, QNX allows Content Spoofing.This issue affects Niagara Framework: before Niagara AX 3.8.1, before Niagara 4.1...

CVE-2023-2032

The Custom 404 Pro WordPress plugin before 3.8.1 does not properly sanitize database inputs, leading to multiple SQL Injection vulnerabilities...

security flaw

Multiple vulnerabilities in libtiff before 3.8.1 allow context-dependent attackers to cause a denial of service via a TIFF image that triggers errors in 1 the TIFFFetchAnyArray function in a tifdirread.c; 2 certain "codec cleanup methods" in b tiflzw.c, c tifpixarlog.c, and d tifzip.c; 3 and...

security flaw

Double free vulnerability in tifjpeg.c in libtiff before 3.8.1 allows context-dependent attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted TIFF image that triggers errors related to "setfield/getfield methods in cleanup functions."...

CVE-2006-2120

The TIFFToRGB function in libtiff before 3.8.1 allows remote attackers to cause a denial of service crash via a crafted TIFF image with Yr/Yg/Yb values that exceed the YCR/YCG/YCB values, which triggers an out-of-bounds read...