MedDream PACS Premium 安全漏洞

MedDream PACS Premium is an enterprise-class image storage and management server suite from MedDream. A cross-site scripting vulnerability exists in MedDream PACS Premium and is caused by improper validation of user-supplied input by the Modify Anonymization feature. An attacker could exploit the...

MiracleLinux 9 : squid-5.5-13.el9_4 (AXSA:2024-8595:05)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8595:05 advisory. squid: vulnerable to a Denial of Service attack against Cache Manager error responses CVE-2024-23638 squid: Out-of-bounds write error may lead to...

MiracleLinux 8 : grafana-7.5.15-4.el8.ML.1 (AXSA:2023-6073:05)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6073:05 advisory. golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters CVE-2022-2880 golang: net/http: handle server errors after...

MiracleLinux 4 : thunderbird-68.10.0-1.AXS4 (AXSA:2020-225:05)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2020-225:05 advisory. Mozilla: Information disclosure due to manipulated URL object CVE-2020-12418 Mozilla: Use-after-free in nsGlobalWindowInner CVE-2020-12419 Mozilla:...

MiracleLinux 9 : toolbox-0.0.99.3-9.el9 (AXSA:2023-5654:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5654:01 advisory. golang: net/http: handle server errors after sending GOAWAY CVE-2022-27664 golang: net/http: An attacker can cause excessive memory growth in a Go...

MiracleLinux 7 : shim-signed-15.8-1.el7, shim-15.8-3.el7 (AXSA:2024-7742:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7742:01 advisory. shim: RCE in http boot support may lead to Secure Boot bypass CVE-2023-40547 shim: Interger overflow leads to heap buffer overflow in...

MiracleLinux 9 : libtiff-4.4.0-2.el9 (AXSA:2022-4563:04)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-4563:04 advisory. libtiff: Denial of Service via crafted TIFF file CVE-2022-0561 libtiff: Null source pointer lead to Denial of Service via crafted TIFF file...

ROS-20260120-7364

A vulnerability in the ibftattrshownic driver function drivers/firmware/iscsiibft.c of the Linux kernel is related to read errors outside of buffer boundaries. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

MiracleLinux 8 : container-tools:4.0 (AXSA:2023-5976:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5976:02 advisory. golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: go/parser: stack exhaustion in all Parse functions...

ROS-20260120-7305

A vulnerability in the tcp component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Node.js security vulnerabilities

Node.js is an open-source, cross-platform JavaScript runtime environment developed by the Node.js community. There are security vulnerabilities in Node.js, which stem from unhandled TLSSocket errors when processing malformed HTTP/2 HEADERS frames. These vulnerabilities can lead to process crashes...

ROS-20260120-7313

A vulnerability in the genelinkbind function drivers/net/usb/gl620a.c of the Linux operating system kernel is related to resource management errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

Mozilla Firefox and Mozilla Firefox ESR Buffer Overflow Vulnerability (CNVD-2026-11800)

Mozilla Firefox is an open source web browser from the Mozilla Foundation, USA.Mozilla Firefox ESR is an extended support version of Firefox web browser from the Mozilla Foundation, USA. Mozilla Firefox and Mozilla Firefox ESR suffer from a buffer overflow vulnerability caused by incorrect bounda...

MiracleLinux 8 : opensc-0.20.0-2.el8 (AXSA:2021-1113:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-1113:01 advisory. opensc: Out-of-bounds access of an ASN.1 Bitstring in decodebitstring in libopensc/asn1.c CVE-2019-15945 opensc: Out-of-bounds access of an ASN.1...

ROS-20260119-7359

A vulnerability in the arch/x86/kvm/hyperv.c component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7303

A vulnerability in the mxc-jpeg.c component of the Linux operating system kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7388

A vulnerability in the rprocalloc function of the remoteproc driver drivers/remoteproc/remoteproccore.c of the Linux kernel is related to resource management errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7330

A vulnerability in the vidtvbridge.c component of the Linux kernel is related to pointer dereferencing errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

ROS-20260119-7383

A vulnerability in the net/batman-adv components of the Linux operating system kernel is related to thread locking errors. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

FreeBSD : oauth2-proxy -- multiple vulnerabilities (fb561db9-0fc1-4d92-81a2-ee01839c9119)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the fb561db9-0fc1-4d92-81a2-ee01839c9119 advisory. Within HostnameError.Error, when constructing an error string, there is no limit to the number...