97 matches found
Allocation of Resources Without Limits or Throttling
Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
Security Bulletin: Security vulnerabilities have been found in IBM Verify Identity Access OIDC Provider
Summary Security vulnerabilities have been addresed in IBM Verify Identity Access OIDC Provider Vulnerability Details CVEID:CVE-2026-39883 DESCRIPTION: OpenTelemetry-Go is the Go implementation of OpenTelemetry. From 1.15.0 to 1.42.0, the fix for CVE-2026-24051 changed the Darwin ioreg command to...
SUSE-SU-2026:21635-1 Security update for helm
This update for helm fixes the following issues Security issues: - CVE-2025-55199: crafted JSON Schema can lead to out of memory OOM termination bsc1248093. - CVE-2026-35206: github.com/helm/helm: Helm: Files written to unexpected directory via specially crafted Chart bsc1261938. Non security...
RHCOS 4 : OpenShift Container Platform 4.2.29 openshift (RHSA-2020:1527)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:1527 advisory. - kubernetes: Use of unbounded 'client' label in apiserverrequesttotal allows for memory exhaustion CVE-2020-8552 Note that Nessus has not...
RHCOS 4 : OpenShift Container Platform 4.7.53 (RHSA-2022:4965)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:4965 advisory. - cri-o: memory exhaustion on the node when access to the kube api CVE-2022-1708 Note that Nessus has not tested for this issue but has inste...
OPENSUSE-SU-2026:20655-1 Security update for helm
This update for helm fixes the following issues: Update to version 3.20.2. Security issued fixed: - CVE-2025-55199: specially crafted JSON Schema can lead to out of memory OOM termination bsc1248093. - CVE-2026-35206: specially crafted Chart will have contents extracted to immediate output...
UBUNTU-CVE-2026-33908
ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below both 7.1.2-19 and 6.9.13-44, Magick frees the memory of the XML tree via the DestroyXMLTree function; however, this process is executed recursively with no depth limit imposed. When...
Important: nodejs24
Issue Overview: Undici allows duplicate HTTP Content-Length headers when they are provided in an array with case-variant names e.g., Content-Length and content-length. This produces malformed HTTP/1.1 requests with multiple conflicting Content-Length values on the wire. Who is impacted:...
SUSE CVE-2026-31960
Quill provides simple mac binary signing and notarization from any platform. Quill before version v0.7.1 has unbounded reads of HTTP response bodies during the Apple notarization process. Exploitation requires the ability to modify API responses from Apple's notarization service, which is not...
Important: Red Hat Security Advisory: Kiali 1.73.28 for Red Hat OpenShift Service Mesh 2.6
Kiali 1.73.28 for Red Hat OpenShift Service Mesh 2.6 This update has a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section. Kiali 1.73.28, for...
EulerOS Virtualization 2.13.0 : libvirt (EulerOS-SA-2026-1643)
According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was perform...
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Important) (RHSA-2026:4460)
The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:4460 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...
RLSA-2026:3040 Important: grafana-pcp security update
The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards. Security Fixes: crypto/x509: golang: Denial of Service due to excessive resource consumption v...
Azure Linux 3.0 Security Update: ruby (CVE-2025-25186)
The version of ruby installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-25186 advisory. - Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Starting in version...
Security update for cpp-httplib (important)
openSUSE Security Update: Security update for cpp-httplib Announcement ID: openSUSE-SU-2026:0007-1 Rating: important References: 1245414 1246468 1246471 Cross-References: CVE-2025-52887 CVE-2025-53628 CVE-2025-53629 CVSS scores: CVE-2025-52887 SUSE: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:...
Improper Resource Shutdown or Release
Overview org.jenkins-ci.main:jenkins-core is an open source automation server. Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the HTTP-based CLI connections. An attacker can cause the service to become unavailable by sending corrupted connection...
EUVD-2017-4182
Malware in sbrugna...
EUVD-2017-17106
Malware in sbrugna...
EUVD-2017-4343
Malware in sbrugna...
EUVD-2017-5845
Malware in sbrugna...