13 matches found
EUVD-2020-18958
Malware in sbrugna...
AlmaLinux 9 : libtasn1 (ALSA-2025:7077)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:7077 advisory. libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS CVE-2024-12133 Tenable has extracted the preceding description block directly from t...
CVE-2025-48889 Gradio Allows Unauthorized File Copy via Path Manipulation
Gradio is an open-source Python package that allows quick building of demos and web applications for machine learning models, APIs, or any arbitrary Python function. Prior to version 5.31.0, an arbitrary file copy vulnerability in Gradio's flagging feature allows unauthenticated attackers to copy a...
CVE-2020-1888
Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 inclusive, versions between 4.9.0 and 4.32.0 inclusive, and...
Linux Distros Unpatched Vulnerability : CVE-2022-2122
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemuxinflate function which causes a segfault, or...
Azure Linux 3.0 Security Update: mysql (CVE-2024-21196)
The version of mysql installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-21196 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: X Plugin. Supported versions tha...
openSUSE: Security Advisory for openssl (SUSE-SU-2023:3397-1)
The remote host is missing an update for the...
Huawei EulerOS: Security Advisory for gstreamer1-plugins-good (EulerOS-SA-2022-2463)
The remote host is missing an update for the Huawei EulerOS...
CVE-2022-1923
DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it...
SUSE-SU-2019:2956-1 Security update for qemu
This update for qemu fixes the following issues: - Remove a backslash '\' escape character from 80-qemu-ga.rules (bsc#1153358). Unlike SLES 15 or newer guests, the udev rule file of the qemu guest agent in SLES 12 SP4 or newer guests only needs one escape character. - Fix use-after-free in slirp...
SUSE-SU-2016:2667-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: These vulnerabilities could be triggered by processing specially crafted image files, which could lead to a process crash or resource consumption, or potentially have unspecified further impact. - CVE-2016-8684: Mismatch between real filesize...
acFreeProxy Cross-Site Scripting Vulnerability/Possible DoS
Product Information acFreeProxy aka "acfp" is an HTTP/1.x proxy for Microsoft Windows environments. It offers caching, and several other features, and has a plug-in format designed for extensibility. A flaw in the product may allow attackers to execute content across domains. Description The prox...
Web Server HTTP Header Memory Exhaustion DoS
It was possible to kill the web server by sending an invalid 'infinite' HTTP request that never ends, like: GET / HTTP/1.0 Referer: XXXXXXXXXXXXXXXXXXXXXXXX ... An attacker may exploit this vulnerability to make your web server crash continually if the attack saturates virtual memory on the targe...