MiracleLinux 8 : ruby:3.0 (AXSA:2024-8502:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8502:01 advisory. ruby/cgi-gem: HTTP response splitting in CGI CVE-2021-33621 ruby: ReDoS vulnerability in URI CVE-2023-28755 ruby: ReDoS vulnerability in Time...

MiracleLinux 7 : php-5.4.16-48.0.2.el7.AXS7 (AXSA:2024-8986:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8986:03 advisory. CVE-2024-8927: Fix bypass of cgi.forceredirect configuration CVE-2024-8927 In PHP versions 8.1. before 8.1.30, 8.2. before 8.2.24, 8.3. before 8.3.12,...

MiracleLinux 9 : php:8.1 (AXSA:2024-9437:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-9437:01 advisory. php: host/secure cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 php: passwordverify can erroneously return true, opening ATO risk...

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

USN-7968-1: Apache HTTP Server vulnerabilities

It was discovered that the Apache HTTP Server incorrectly handled failed ACME certificate renewals. This could result in renewal attempts to be repeated without delays, possibly leading to a denial of service. CVE-2025-55753 Anthony Parfenov discovered that the Apache HTTP Server would pass the...

CVE-2026-1158 Totolink LR350 POST Request cstecgi.cgi setWizardCfg buffer overflow

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. This vulnerability affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow. The attack can be...

EUVD-2026-3222

A vulnerability was determined in Totolink LR350 9.3.5u.6369B20220309. Affected by this issue is the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVE-2026-1143

A weakness has been identified in TOTOLINK A3700R 9.1.2u.5822B20200513. This affects the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument ssid can lead to buffer overflow. The attack may be launched remotely. The exploit has been made availab...

MiracleLinux 7 : rh-ruby26-ruby-2.6.9-120.el7 (AXSA:2022-3091:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3091:01 advisory. rubygem-bundler: Dependencies of gems with explicit source may be installed from a different source CVE-2020-36327 rubygem-rdoc: Command injection...

MiracleLinux 4 : perl-5.10.1-130.AXS4 (AXSA:2013-320:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-320:01 advisory. Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is...

Synology DiskStation Manager Out-of-bounds Write (CVE-2024-45539)

Out-of-bounds write vulnerability in cgi components in Synology DiskStation Manager DSM before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to conduct denial-of-service attacks via unspecified vectors. This plugin only works with...

TOTOLINK LR350 Command Injection Vulnerability

TOTOLINK LR350 is a wireless router produced by TOTOLINK Corporation. The TOTOLINK LR350 9.3.5u.6369B20220309 version has a command injection vulnerability. This vulnerability stems from incorrect handling of the parameter “ip” in the file /cgi-bin/cstecgi.cgi, which may lead to command injection...

MiracleLinux 4 : php-5.3.3-48.AXS4 (AXSA:2016-621:04)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-621:04 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in...

openSUSE 16 Security Update : apache2 (openSUSE-SU-2026:20030-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20030-1 advisory. - CVE-2025-55753: Fixed modmd ACME, unintended retry intervals bsc1254511 - CVE-2025-58098: Fixed Server Side Includes adds query string to exec...

Security update for apache2 (moderate)

openSUSE security update: security update for apache2 ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20030-1 Rating: moderate References: bsc1254511 bsc1254512 bsc1254514 bsc1254515 Cross-References: CVE-2025-55753 CVE-2025-58098 CVE-2025-65082...

SUSE-SU-2026:20081-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME, unintended retry intervals bsc1254511 - CVE-2025-58098: Fixed Server Side Includes adds query string to exec cmd bsc1254512 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-66200...

OPENSUSE-SU-2026:20030-1 Security update for apache2

This update for apache2 fixes the following issues: - CVE-2025-55753: Fixed modmd ACME, unintended retry intervals bsc1254511 - CVE-2025-58098: Fixed Server Side Includes adds query string to exec cmd bsc1254512 - CVE-2025-65082: Fixed CGI environment variable override bsc1254514 - CVE-2025-66200...

MiracleLinux 4 : perl-5.10.1-119.AXS4 (AXSA:2011-570:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-570:01 advisory. Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is...

MiracleLinux 3 : python-2.4.3-44.0.1.AXS3 (AXSA:2011-183:01)

The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2011-183:01 advisory. Python is an interpreted, interactive, object-oriented programming language often compared to Tcl, Perl, Scheme or Java. Python includes modules,...

MiracleLinux 3 : php-5.1.6-34.0.1.AXS3 (AXSA:2012-548:04)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-548:04 advisory. PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in...