Fedora 45 : proftpd (2026-c8173d7dcd)

The remote Fedora 45 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c8173d7dcd advisory. Automatic update for proftpd-1.3.9a-2.fc45. Changelog Mon May 11 2026 Paul Howarth - 1.3.9a-2 - Additional escaping for avoidance of SQL injection...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2025:03309-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03309-1 advisory. Update to Mozilla Thunderbird 140.3 bsc1249391. Security issues fixed: - MFSA 2025-78...

jte's HTML templates containing Javascript template strings are subject to XSS

Summary Jte HTML templates with script tags or script attributes that include a Javascript template string backticks are subject to XSS. Details The javaScriptBlock and javaScriptAttribute methods in the Escape class source do not escape backticks, which are used for Javascript template strings...

CVE-2024-9774

A vulnerability was found in python-sql where unary operators do not escape non-Expression...