354 matches found
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007535)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007535 advisory. In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix epfile null pointer access after ep enable. A race condition occurs when...
OPENSUSE-SU-2026:20410-1 Security update for exiv2
This update for exiv2 fixes the following issues: Update to exiv2 0.28.8: - CVE-2024-24826: out-of-bounds read in QuickTimeVideo: NikonTagsDecoder bsc1219870. - CVE-2024-25112: denial of service due to unbounded recursion in QuickTimeVideo: multipleEntriesDecoder bsc1219871. - CVE-2024-39695:...
MiracleLinux 8 : ghostscript-9.27-12.el8 (AXSA:2024-8321:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8321:01 advisory. ghostscript: Divide by zero in epsprintpage in gdevepsn.c CVE-2020-21710 Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 8 : python-pillow-5.1.1-16.el8 (AXSA:2021-2760:01)
The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2760:01 advisory. python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25287 python-pillow: Out-of-bounds read in J2K image reader CVE-2021-25288...
SUSE CVE-2025-40315
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix epfile null pointer access after ep enable. A race condition occurs when ffsfuncepsenable runs concurrently with ffsdatareset. The ffsdataclear called in ffsdatareset sets ffs-epfiles to NULL before resettin...
CVE-2025-40315 usb: gadget: f_fs: Fix epfile null pointer access after ep enable.
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix epfile null pointer access after ep enable. A race condition occurs when ffsfuncepsenable runs concurrently with ffsdatareset. The ffsdataclear called in ffsdatareset sets ffs-epfiles to NULL before resettin...
CVE-2025-40315 usb: gadget: f_fs: Fix epfile null pointer access after ep enable.
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ffs: Fix epfile null pointer access after ep enable. A race condition occurs when ffsfuncepsenable runs concurrently with ffsdatareset. The ffsdataclear called in ffsdatareset sets ffs-epfiles to NULL before resettin...
EUVD-2025-34967
The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...
CVE-2025-11738 Media Library Assistant <= 3.29 - Unauthenticated Limited File Read
The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...
WordPress plugin Media Library Assistant 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Media...
EUVD-2025-33852
The Easy Plugin Stats plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eps' shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
CVE-2025-7652 Easy Plugin Stats <= 2.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Easy Plugin Stats plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'eps' shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...
EUVD-2020-27493
Malware in sbrugna...
EUVD-2002-2026
Malware in sbrugna...
EUVD-2020-8265
Malware in sbrugna...
EUVD-2012-5950
Malware in sbrugna...
EUVD-2020-21319
Malware in sbrugna...
EUVD-2016-9246
Malware in sbrugna...
EUVD-2020-20112
Malware in sbrugna...
EUVD-2020-9378
Malware in sbrugna...