SUSE SLED15 / SLES15 Security Update : perl-Crypt-URandom (SUSE-SU-2026:1954-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1954-1 advisory. This update for perl-Crypt-URandom fixes the following issue: - CVE-2026-2474: negative length parameter in the XS...
Incorrect Authorization
Overview: Affected versions of this package are vulnerable to Incorrect Authorization via improper handling of resource path matching and authorization checks. An attacker can gain unauthorized access to protected resources or perform unauthorized actions by crafting requests that exploit...
CVE-2026-29048
HumHub is an Open Source Enterprise Social Network. In version 1.18.0, a cross-site scripting vulnerability was identified in the Button component. Due to inconsistent output encoding at several points within the software, malicious scripts could be injected and executed in the...
CVE-2025-66606
A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product does not properly encode URLs. An attacker could tamper with web pages or execute malicious scripts. The affected products and versions are as follows: FAST/TOOLS Packages: RVSVRN, UNSVRN, HMIWEB,...
CVE-2019-12313
XSS exists in Shave before 2.5.3 because output encoding is mishandled during the overwrite of an HTML element...
PT-2025-52304
Name of the Vulnerable Software and Affected Versions: Kentico Xperience (affected versions not specified). Description: A CRLF injection flaw exists in Kentico Xperience due to improper encoding within the routing engine. This allows attackers to manipulate URL query string redirects. Successful...
EUVD-2019-7200
Malware in sbrugna...
EUVD-2015-1146
Malware in sbrugna...
EUVD-2020-27455
Malware in sbrugna...
EUVD-2017-6520
Malware in sbrugna...
EUVD-2021-24653
Malware in sbrugna...
EUVD-2021-2551
Malware in sbrugna...
EUVD-2019-6503
Malware in sbrugna...
EUVD-2022-5871
Malicious code in bioql PyPI...
NewStart CGSL MAIN 7.02 : ghostscript Multiple Vulnerabilities (NS-SA-2025-0085)
The remote NewStart CGSL host, running version MAIN 7.02, has ghostscript packages installed that are affected by multiple vulnerabilities: - An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code...
Important: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update
An update is now available for Red Hat Ansible Automation Platform 2.5. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...
CVE-2022-24395
SAP NetWeaver Enterprise Portal, versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability...
CVE-2020-6216
SAP Business Objects Business Intelligence Platform BI Launchpad, version 4.2, does not sufficiently encode user-controlled inputs, resulting in a reflected Cross-Site Scripting (XSS) vulnerability...
Alibaba Cloud Linux 3 : 0129: libvpx (ALINUX3-SA-2023:0129)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0129 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-44488: VP9 in libvpx before 1.13....