PRTG Network Monitor <20.1.57.1745 - Information Disclosure

PRTG Network Monitor before 20.1.57.1745 is susceptible to information disclosure. An attacker can obtain information about probes running or the server itself via an HTTP request, thus potentially being able to modify data and/or execute unauthorized administrative operations in the context of t...

MGASA-2026-0135 Updated dnsmasq packages fix security vulnerabilities

CVE-2026-2291: dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS. CVE-2026-4890: A Denial of Service DoS...

CVE-2026-42871 WeGIA: Error Handling familiar_docfamiliar

WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, atendido/familiardocfamiliar.php displays an overly descriptive error message, including database-related details. This verbosity leads to information disclosure, which could assist a potential attacker in mapping the...

Astra Linux - уязвимость в openimageio

An information disclosure vulnerability exists in the OpenImageIO::decodeiptciim functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability...

MiracleLinux 9 : thunderbird-140.9.1-1.el9_7.ML.1 (AXSA:2026-483:08)

The remote MiracleLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2026-483:08 advisory. libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33416 libpng: libpng: Information disclosure and denial of...

EulerOS 2.0 SP11 : samba (EulerOS-SA-2026-1622)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in Samba, in the vfsstreamsxattr module, where uninitialized heap memory could be written into alternate data streams. This allows...

CVE-2026-25584

iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a stack-buffer-overflow vulnerability in CIccTagFloatNum::GetValues. This is triggered when processing a malformed ICC...

AZL-75491 CVE-2025-11065 affecting package kube-vip-cloud-provider for versions less than 0.0.2-26

A flaw was found in github.com/go-viper/mapstructure/v2, in the field processing component using mapstructure.WeakDecode. This vulnerability allows information disclosure through detailed error messages that may leak sensitive input values via malformed user-supplied data processed in...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004327)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004327 advisory. In uvcparsestandardcontrol of uvcdriver.c, there is a possible out-of-bound read due to improper input validation. This could lead to local information disclosure wi...

CVE-2024-47026

In gscgsarescue of gscgsa.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

Out-of-bounds

In updatefreqdata of TBD, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-3275)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Information exposure through microarchitectural state after transient execution in certain vector execution units for some IntelR Processors may...

CVE-2023-3231

A vulnerability has been found in UJCMS up to 6.0.2 and classified as problematic. This vulnerability affects unknown code of the component ZIP Package Handler. The manipulation of the argument dir leads to information disclosure. The attack can be initiated remotely. The complexity of an attack ...

SUSE CVE-2019-11039

Function iconvmimedecodeheaders in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6 may perform out-of-buffer read due to integer overflow when parsing MIME headers. This may lead to information disclosure or crash...

Information Disclosure

opensshkeyparser is vulnerable to information disclosure. The vulnerability exists in readfixedbytes function in pascalstylebytestream.py because the exception message is not properly handled which allows an attacker to gain access to view and modify the length of a raw field value of a key...

Debian: Security Advisory (DSA-5131-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-39800

In ionioctl of ion-ioctl.c, there is a possible way to leak kernel head data due to a use after free. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

ASB-A-156766097

In spectrev2userselectmitigation of bugs.c, there is a possible failure to enable a Spectre mitigation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

UBUNTU-CVE-2020-10933

An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocketreadnonblockrequestedsize, buffer, exception: false, the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...

CVE-2019-9337

In libavc there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-112204376...