MiracleLinux 8 : nodejs:16 (AXSA:2023-6226:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6226:01 advisory. c-ares: 0-byte UDP payload Denial of Service CVE-2023-32067 c-ares: Buffer Underwrite in aresinetnetpton CVE-2023-31130 c-ares: Insufficient...

Double Free

Overview Affected versions of this package are vulnerable to Double Free in the Regexp compilation process. An attacker can execute arbitrary code or cause a denial of service by supplying a specially crafted regular expression source string. Remediation A fix was pushed into the master branch bu...

MiracleLinux 9 : tomcat-9.0.87-2.el9_5.1 (AXSA:2025-9840:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9840:01 advisory. tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379 tomcat: Potential RCE and/or information disclosure and/or information corruption...

MiracleLinux 8 : tomcat-9.0.87-1.el8_10.3 (AXSA:2025-9846:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9846:02 advisory. tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379 tomcat: Potential RCE and/or information disclosure and/or information corruption...

MiracleLinux 9 : pki-servlet-engine-9.0.50-1.el9_2.2 (AXSA:2025-10718:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10718:01 advisory. tomcat: RCE due to TOCTOU issue in JSP compilation CVE-2024-50379 Tenable has extracted the preceding description block directly from the MiracleLinux...

CVE-2022-23595

Tensorflow is an Open Source Machine Learning Framework. When building an XLA compilation cache, if default settings are used, TensorFlow triggers a null pointer dereference. In the default scenario, all devices are allowed, so flr-configproto is nullptr. The fix will be included in TensorFlow...

PT-2026-27401

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Firefox ESR versions prior to 140.9 Thunderbird versions prior to 149 Thunderbird versions prior to 140.9 Description The JavaScript Engine component contains a JIT miscompilation issue. Recommendations Update...

PT-2025-53032

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the Linux kernel where the return type of the lcs start xmit function does not match the expected return type in the struct net device ops. Specifically, ndo start xmi...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause JIT issues due to improper checks and result in an unexpected process crash...

ThreatExploiter

🔴 ThreatExploiter Automated Network Penetration Testing & E...

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 146 and ESR 140.6, which stems from a compilation error in the JavaScript Engine JIT component that could lead to code execution...

Mozilla Firefox和Mozilla Firefox ESR 安全漏洞

Mozilla Firefox and Mozilla Firefox ESR are both products of the Mozilla Foundation, U.S.A. Mozilla Firefox is an open source web browser.Mozilla Firefox ESR is an extended support version of Firefox web browser. A security vulnerability exists in Mozilla Firefox versions prior to 146, Firefox ES...

Mozilla -- JIT miscompilation

https://bugzilla.mozilla.org/showbug.cgi?id=1998050 reports: JIT miscompilation in the JavaScript Engine: JIT component...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause JIT issues due to improper checks and result in an unexpected process crash...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause JIT issues due to improper checks and result in an unexpected process crash...

webkitgtk: Processing maliciously crafted web content may lead to an unexpected process crash

A flaw was found in WebKitGTK. Processing malicious web content can cause JIT issues due to improper checks and result in an unexpected process crash...

Exploit for CVE-2025-55182

🔔 ⚠️Unauthorized penetratio...

📄 libxml2 2.9.14 (2022) Heap Buffer Overflow

libxml2 version 2.9.14 2022 proof of concept exploit for a heap buffer overflow in the xmlRegEpxFromParse function in xmlregexp.c. ============================================================================================================================================= | Title : libxml2 2.9.14...

CLSA-2025-1764580671 pki-servlet-engine: Fix of 2 CVEs

CVE-2024-50379: fix TOCTOU vulnerability in JSP compilation to prevent RCE on case insensitive file systems - CVE-2024-38286: fix issue of resource allocation without limits or throttling vulnerability in TLS handshake process - Apply skip-common-daemon patch to remove the commons-daemon.jar copy...

Mozilla Firefox Code Execution Vulnerability (CNVD-2025-28720)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a code execution vulnerability that originates from a compilation error in the JIT component of the JavaScript Engine, which can be exploited by an attacker to execute...