Siemens Ruggedcom ROX Improper Input Validation (CVE-2018-9234)

GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey. This plugin only works with Tenable.ot. Please visit...

Siemens Ruggedcom ROX Uncontrolled Resource Consumption (CVE-2018-12934)

rememberKtype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption aka OOM. This can occur during execution of cxxfilt. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for mo...

USN-7946-2: GnuPG vulnerability

USN-7946-1 fixed vulnerabilities in GnuPG 2.x. This update provides the corresponding updates for GnuPG 1.x. Original advisory details: It was discovered that GnuPG incorrectly handled crafted input. A remote attacker could possibly use this issue to crash the program, or execute arbitrary code...

binutils: GNU Binutils Linker heap-based overflow

A head based buffer overflow flaw has been discovered in GNU bin utilities. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally...

binutils: GNU Binutils Linker heap-based overflow

A head based buffer overflow flaw has been discovered in GNU bin utilities. The affected element is the function elfswapshdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally...

USN-7946-1: GnuPG vulnerability

It was discovered that GnuPG incorrectly handled crafted input. A remote attacker could possibly use this issue to crash the program, or execute arbitrary code...

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

CVE-2025-13034

When using CURLOPTPINNEDPUBLICKEY option with libcurl or --pinnedpubkey with the curl tool,curl should check the public key of the server certificate to verify the peer. This check was skipped in a certain condition that would then make curl allow the connection without performing the proper chec...

CVE-2025-13034

When using CURLOPTPINNEDPUBLICKEY option with libcurl or --pinnedpubkey with the curl tool,curl should check the public key of the server certificate to verify the peer. This check was skipped in a certain condition that would then make curl allow the connection without performing the proper chec...

gimp: GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

A heap-based buffer overflow vulnerability was discovered in GIMP’s DICOM DCM file parser. The flaw occurs because the application fails to properly validate the length of user-supplied data before copying it to a heap buffer. This can lead to arbitrary code execution when a user opens a speciall...

Moderate: Red Hat Security Advisory: grafana security update

An update for grafana is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syst...

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

golang: archive/tar: Unbounded allocation when parsing GNU sparse map

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...

RHSA-2026:0108 Red Hat Security Advisory: gcc-toolset-15-binutils security update

Bulletin has no description...

CVE-1999-0373

Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root...

CVE-1999-0678

A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server...

CVE-1999-0914

Buffer overflow in the FTP client in the Debian GNU/Linux netstd package...

CVE-1999-0374

Debian GNU/Linux cfengine package is susceptible to a symlink attack...

CVE-2019-16200

GNU Serveez through 0.2.2 has an Information Leak. An attacker may send an HTTP POST request to the /cgi-bin/reader URI. The attacker must include a Content-length header with a large positive value that, when represented in 32 bit binary, evaluates to a negative number. The problem exists in the...

Exploit for CVE-2025-69194

CVE-2025-69194: GNU Wget2 Path Traversal Vulnerability 📝 D...