MiracleLinux 7 : flatpak-1.0.9-10.el7 (AXSA:2021-1462:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1462:04 advisory. flatpak: sandbox escape via spawn portal CVE-2021-21261 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

MiracleLinux 8 : flatpak-1.12.9-1.el8_10 (AXSA:2024-8476:06)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8476:06 advisory. flatpak: sandbox escape via RequestBackground portal CVE-2024-32462 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : flatpak-1.0.9-13.0.1.el7.AXS7 (AXSA:2024-8901:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8901:07 advisory. CVE-2024-42472: access to files outside sandbox for apps using persistent directories CVEs: CVE-2024-42472 Flatpak is a Linux application sandboxing and...

MiracleLinux 7 : php-5.4.16-48.0.8.el7.AXS7 (AXSA:2025-10753:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10753:07 advisory. CVE-2025-1735: add error checking for pgsql extension escape functions, mainly to fix possible issues with multi-byte encoding of Postgres databases CVEs:...

MiracleLinux 7 : flatpak-1.0.9-13.el7 (AXSA:2024-8386:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8386:04 advisory. flatpak: sandbox escape via RequestBackground portal CVE-2024-32462 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 9 : tracker-miners-3.1.2-4.el9_3 (AXSA:2023-7044:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2023-7044:02 advisory. tracker-miners: sandbox escape CVE-2023-5557 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note tha...

MiracleLinux 9 : firefox-115.6.0-1.el9_3.ML.1 (AXSA:2024-7350:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7350:02 advisory. Mozilla: Heap-buffer-overflow affecting WebGLDrawElementsInstanced method with Mesa VM driver CVE-2023-6856 Mozilla: Memory safety bugs fixed in...

MiracleLinux 8 : container-tools:4.0 (AXSA:2024-7735:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7735:01 advisory. buildah: full container escape at build time CVE-2024-1753 Tenable has extracted the preceding description block directly from the MiracleLinux security...

Exploit for OS Command Injection in Docker

!DOIhttps://img.shields.io/badge/DOI-10.5281%2Fzenodo.183047...

CLSA-2026-1768821437 pki-servlet-engine: Fix of 2 CVEs

CVE-2025-31651: fix improper neutralization of escape, meta, or control sequences - CVE-2025-55752: fix relative path traversal vulnerability...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: MFSA 2026-05 bsc1256340: CVE-2026-0877: Mitigation bypass in the DOM in Security component CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphics in CanvasWebGL component CVE-2026-0879: Sandbox escape due t...

Code Injection

Enclave is vulnerable to Code Injection. The vulnerability is due to exposure of a host-side Error object with an intact prototype chain to sandboxed code, which allows an attacker to traverse to the host Function constructor and execute arbitrary code in the Node.js host runtime...

PT-2026-3507

Name of the Vulnerable Software and Affected Versions Alchemy versions prior to 7.4.12 Alchemy versions prior to 8.0.3 Description Alchemy, a Ruby on Rails content management system, allows an authenticated attacker to execute arbitrary system commands on the host operating system. The applicatio...

MiracleLinux 8 : flatpak-1.8.5-5.el8 (AXEA:2022-2960:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXEA:2022-2960:02 advisory. - Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. In versions prior to 1.10.4 and 1.12.0, Flatpak apps...

MiracleLinux 8 : samba-4.11.2-13.el8 (AXSA:2020-904:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-904:04 advisory. samba: Combination of parameters and permissions can allow user to escape from the share path definition CVE-2019-10197 samba: smb client vulnerable ...

CVE-2026-0863 Sandbox escape in n8n Python task runner allows for arbitrary code execution on the underlying host.

Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissio...

CVE-2026-0863 Sandbox escape in n8n Python task runner allows for arbitrary code execution on the underlying host.

Using string formatting and exception handling, an attacker may bypass n8n's python-task-executor sandbox restrictions and run arbitrary unrestricted Python code in the underlying operating system. The vulnerability can be exploited via the Code block by an authenticated user with basic permissio...

CVE-2026-0863

CVE-2026-0863 affects n8n’s python-task-executor sandbox. A crafted payload via the Code block, by an authenticated user with basic permissions, can bypass sandbox restrictions through string formatting and exception handling, enabling arbitrary Python code execution on the host in Internal execu...

SUSE CVE-2024-6717

HashiCorp Nomad and Nomad Enterprise 1.6.12 up to 1.7.9, and 1.8.1 archive unpacking during migration is vulnerable to path escaping of the allocation directory. This vulnerability, CVE-2024-6717, is fixed in Nomad 1.6.13, 1.7.10, and 1.8.2...

FreeBSD : Mozilla -- multiple vulnerabilities (085101eb-f212-11f0-9ca3-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 085101eb-f212-11f0-9ca3-b42e991fc52e advisory. Memory safety bugs present in firefox-esr 140.6, Thunderbird ESR 140.6, Firefox 146 and...