56 matches found
SUSE CVE-2026-31594
In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-vntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to perform later. This leads to an oops when .allowlink fails or when .droplink is performed. Th...
CVE-2026-41173
The AWS X-Ray Remote Sampler package provides a sampler which can get sampling configurations from AWS X-Ray. Prior to 0.1.0-alpha.8, OpenTelemetry.Sampler.AWS reads unbounded HTTP response bodies from a configured AWS X-Ray remote sampling endpoint into memory. AWSXRaySamplerClient.DoRequestAsyn...
CVE-2026-3024
CVE-2026-3024 is a Stored Cross-Site Scripting (XSS) vulnerability in the Wakyma web application, specifically at the endpoint vets.wakyma.com/configuracion/agenda/modelo-formulario-evento. The description indicates an attacker with permission to create personalized accounts can trigger a malicio...
CVE-2025-15319
Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools...
CVE-2025-15318 Tanium addressed an arbitrary file deletion vulnerability in End-User Notifications Endpoint Tools.
Tanium addressed an arbitrary file deletion vulnerability in End-User Notifications Endpoint Tools...
CVE-2025-15318
CVE-2025-15318 concerns an arbitrary file deletion vulnerability in Tanium End-User Notifications Endpoint Tools. The public records indicate Tanium addressed the issue, with referenced advisories (e.g., TAN-2025-017) and CVSS metrics showing LOCAL attacker, high impact on integrity and availabil...
CVE-2025-15319 Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools.
Tanium addressed a local privilege escalation vulnerability in Patch Endpoint Tools...
CVE-2025-15319
Tanium Patch Endpoint Tools contains a local privilege escalation vulnerability. Based on the CVSS 3.1 metrics, it requires local access with low privileges and no user interaction, and yields high impact on confidentiality, integrity, and availability. The description confirms the issue is addre...
CVE-2026-1518
A flaw was found in Keycloak’s CIBA feature where insufficient validation of client-configured backchannel notification endpoints could allow blind server-side requests to internal services. Mitigation To mitigate this issue, restrict administrative access to Keycloak instances. Ensure that only...
Security Updates for Microsoft Endpoint Configuration Manager (November 2025)
The The Microsoft Endpoint Configuration Manager installed on the remote host is missing a security update. It is, therefore, affected by the following vulnerability: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. CVE-2025-47179 Note that Ness...
Microsoft Endpoint Configuration Manager (CVE-2025-59501)
The Microsoft Endpoint Configuration Manager application installed on the remote host is missing a security hotfix documented in the vendor advisory. It is, therefore, affected by an elevation of privilege vulnerability. An attacker could exploit this vulnerability by modifying the user principal...
Microsoft Endpoint Configuration Manager (October 2025)
The Microsoft Endpoint Configuration Manager application installed on the remote host is missing a security hotfix documented in KB34503790. It is, therefore, affected by multiple vulnerabilities: - An elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges...
EUVD-2006-6882
Malware in sbrugna...
EUVD-2022-40579
Malicious code in bioql PyPI...
EUVD-2022-29407
Malicious code in bioql PyPI...
EUVD-2023-41117
Malicious code in bioql PyPI...
EUVD-2025-13995
Malicious code in bioql PyPI...
EUVD-2025-25419
Malicious code in bioql PyPI...
CVE-2025-7390 Bypass the client certificate trust check of an opc.https server while only secure communication is allowed
A malicious client can bypass the client certificate trust check of an opc.https server when the server endpoint is configured to allow only secure communication...
Microsoft Endpoint Configuration Manager RCE (KB31909343)
The Microsoft Endpoint Configuration Manager application installed on the remote host is missing a security hotfix documented in KB31909343. It is, therefore, affected by a remote code execution vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the...