CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

MINI-47HP-52X6-VXFJ

Bulletin has no description...

SUSE SLES15 Security Update : mozjs52 (SUSE-SU-2026:1742-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1742-1 advisory. This update for mozjs52 fixes the following issues - CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external paramete...

Security update for mozjs52

This update for mozjs52 fixes the following issues CVE-2026-32776: libexpat: NULL pointer dereference when processing empty external parameter entities inside an entity declaration value bsc1259728. CVE-2026-32777: libexpat: denial of service due to infinite loop in DTD content parsing bsc1259713...

MINI-52CM-6C68-JJW3

Bulletin has no description...

EUVD-2026-9382

Missing Authentication for Critical Function CWE-306 vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker can use the Core protocol to force a target broker to establish an outbound Core federation connection to an attacker-controlled rogue broker. This cou...

CVE-2025-13375

IBM Common Cryptographic Architecture CCA 7.5.52 and 8.4.82 could allow an unauthenticated user to execute arbitrary commands with elevated privileges on the system...

MiracleLinux 8 : postgresql:10 (AXSA:2022-3788:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3788:01 advisory. postgresql: Autovacuum, REINDEX, and others omit security restricted operation sandbox CVE-2022-1552 Tenable has extracted the preceding description block...

SUSE SLES15 / openSUSE 15 Security Update : mozjs52 (SUSE-SU-2025:4512-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:4512-1 advisory. - CVE-2024-45491: Fixed integer overflow in dtdCopy bsc1230037 - CVE-2024-50602: Fixed DoS via XMLResumeParser bsc1232599 -...

CVE-2025-68430 CVAT vulnerable to directory traversal via mounted share listing

CVAT is an open source interactive video and image annotation tool for computer vision. In versions 2.8.1 through 2.52.0, an attacker with an account on a CVAT instance is able to retrieve the contents of any file system directory accessible to the CVAT server. The exposed information is names of...

CVE-2025-62593

Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense us...

Mozilla Firefox < 52.0

The version of Firefox installed on the remote Windows host is prior to 52.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-05 advisory. - Mozilla developers and community members Carsten Book, Calixte Denizet, Christian Holler, Andrew McCreight, David Bolte...

KLA90930 OSI vulnerability in Git for Windows

Information disclosure vulnerability was found in Git for Windows. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories Git for Windows 2.52.0 Exploitation Related products Git-for-Windows CVE list CVE-2025-66413 high Solution Update to the latest...

EUVD-2025-69722

Malicious code in iwan-serimuka52-ruro npm...

MAL-2025-47467 Malicious code in internallib_v52 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4d4bce17702fd04e9d38d97007a2bc8b4028c77159bcd19e1565f71d7f4ada4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EulerOS 2.0 SP10 : sqlite (EulerOS-SA-2025-2115)

According to the versions of the sqlite package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. Thi...

Medium: rust

Issue Overview: There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above. CVE-2025-6965 Affected Packages: rust...

TencentOS Server 3: sqlite (TSSA-2025:0687)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0687 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Linux Distros Unpatched Vulnerability : CVE-2017-7810

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Memory safety bugs were reported in Firefox 55 and Firefox ESR 52.3. Some of these bugs showed evidence of memory corruption and we presume that with enough...

CVE-2024-1861

The Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the antihackertruncatescantable function in all versions up to, and including, 4.52. This mak...