MiracleLinux 8 : file-5.33-20.el8 (AXSA:2021-2595:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2595:03 advisory. file: heap-based buffer overflow in cdfreadpropertyinfo in cdf.c CVE-2019-18218 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : file-5.39-16.el9 (AXSA:2024-7765:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7765:01 advisory. file: stack-based buffer over-read in filecopystr in funcs.c CVE-2022-48554 Tenable has extracted the preceding description block directly from the...

EUVD-2003-1082

Malware in sbrugna...

EUVD-2025-25787

Malicious code in bioql PyPI...

CVE-2025-10941

A vulnerability was determined in Topaz SERVCore Teller 2.14.0-RC2/2.14.1. Affected by this issue is some unknown functionality of the file SERVCoreTeller2.0.40D.msi of the component Installer. Executing manipulation can lead to permission issues. The attack needs to be launched locally. You shou...

Embedded Malicious Code

Overview @ctrl/torrent-file is a package to parse a torrent file and read encoded data. Affected versions of this package are vulnerable to Embedded Malicious Code. Compromised versions of this package contain a file called bundle.js that exfiltrates secrets from the user's accounts, including...

CVE-2025-9461

A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure...

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack via the dir parameter. An attacker can cause files or directories to be written to arbitrary locations by supplying a crafted symbolic link that resolves outside the intended temporary directory. PoC const tmp =...

Photon OS 3.0: File PHSA-2019-3.0-0037

An update of the file package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-3.0-0037. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

RHEL 8 : file (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - file: out-of-bounds read in docorenote in readelf.c CVE-2019-8906 - docorenote in readelf.c in libmagic.a...

RHEL 9 : file (RHSA-2024:2512)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2512 advisory. The file command is used to identify a particular file according to the type of data the file contains. It can identify many different file types,...

CentOS 9 : file-5.39-16.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the file-5.39-16.el9 build changelog. - File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: File is the name of an Open Source project. CVE-2022-48554 Note...

EulerOS 2.0 SP11 : file (EulerOS-SA-2023-3027)

According to the versions of the file packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: 'File' is the name of an Open Source project. CVE-2022-48554...

EulerOS Virtualization 2.10.0 : file (EulerOS-SA-2023-3467)

According to the versions of the file packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: 'File' is the name of an Open Source project...

EulerOS 2.0 SP11 : file (EulerOS-SA-2023-3004)

According to the versions of the file packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: 'File' is the name of an Open Source project. CVE-2022-48554...

EulerOS 2.0 SP10 : file (EulerOS-SA-2023-3171)

According to the versions of the file packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: 'File' is the name of an Open Source project. CVE-2022-48554...

EulerOS Virtualization 2.11.0 : file (EulerOS-SA-2023-3375)

According to the versions of the file packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: 'File' is the name of an Open Source project...

EulerOS 2.0 SP10 : file (EulerOS-SA-2023-3206)

According to the versions of the file packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: 'File' is the name of an Open Source project. CVE-2022-48554...

EulerOS Virtualization 2.11.1 : file (EulerOS-SA-2023-3356)

According to the versions of the file packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - File before 5.43 has an stack-based buffer over-read in filecopystr in funcs.c. NOTE: 'File' is the name of an Open Source project...

Huawei EulerOS: Security Advisory for file (EulerOS-SA-2023-3467)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...