PT-2026-3600

A reflected cross-site scripting xss vulnerability exists in the existingUser functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

PT-2026-3615

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

MedDream PACS Premium 跨站脚本漏洞

MedDream PACS Premium is an enterprise-class image storage and management server suite from MedDream. MedDream PACS Premium suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input in config.php. An attacker can exploit this vulnerability to...

PT-2026-3596

A reflected cross-site scripting xss vulnerability exists in the modifyHL7Route functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

MiracleLinux 8 : thunderbird-115.14.0-1.el8_10.ML.1 (AXSA:2024-8693:19)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8693:19 advisory. Thunderbird: 115.14/128.1 mozilla: Fullscreen notification dialog can be obscured by document content CVE-2024-7518 mozilla: Out of bounds memory...

MiracleLinux 8 : firefox-102.5.0-1.el8.ML.1 (AXSA:2023-4657:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4657:01 advisory. Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen notification bypass CVE-2022-45404...

MiracleLinux 8 : nodejs:12 (AXSA:2020-792:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-792:01 advisory. nodejs-dot-prop: prototype pollution CVE-2020-8116 nodejs: HTTP request smuggling due to CR-to-Hyphen conversion CVE-2020-8201 npm: Sensitive...

MedDream PACS Premium 安全漏洞

MedDream PACS Premium is an enterprise-class image storage and management server suite from MedDream. MedDream PACS Premium suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input by the autoPurge feature. An attacker could exploit the...

MedDream PACS Premium 安全漏洞

MedDream PACS Premium is an enterprise-class image storage and management server suite from MedDream. MedDream PACS Premium suffers from a cross-site scripting vulnerability that is caused by improper validation of user-supplied input by the Download Zip feature. An attacker could exploit the...

MedDream PACS Premium security vulnerability

MedDream PACS Premium is an enterprise-level image storage and management server suite developed by MedDream Corporation. Version 7.3.6.870 of MedDream PACS Premium contains a security vulnerability, which stems from a reflection-type cross-site scripting vulnerability in the modifyHL7App functio...

PT-2026-3614

Multiple reflected cross-site scripting xss vulnerabilities exist in the config.php functionality of MedDream PACS Premium 7.3.6.870. Specially crafted malicious URLs can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger these vulnerabilities.This...

PT-2026-3592

A reflected cross-site scripting xss vulnerability exists in the sendOruReport functionality of MedDream PACS Premium 7.3.6.870. A specially crafted malicious URL can lead to arbitrary javascript code execution. An attacker can provide a crafted URL to trigger this vulnerability...

MiracleLinux 8 : go-toolset:rhel8 (AXSA:2023-6204:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6204:02 advisory. golang: html/template: improper handling of JavaScript whitespace CVE-2023-24540 Tenable has extracted the preceding description block directly from the...

MiracleLinux 9 : firefox-115.11.0-1.el9_4.ML.1 (AXSA:2024-8277:19)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8277:19 advisory. firefox: Arbitrary JavaScript execution in PDF.js CVE-2024-4367 firefox: IndexedDB files retained in private browsing mode CVE-2024-4767 firefox:...

MiracleLinux 8 : thunderbird-102.5.0-2.el8.ML.1 (AXSA:2023-4654:01)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-4654:01 advisory. Mozilla: Service Workers might have learned size of cross-origin media files CVE-2022-45403 Mozilla: Fullscreen notification bypass CVE-2022-45404...

PT-2026-3544

Name of the Vulnerable Software and Affected Versions na1.foxitesign.foxit.com versions prior to 2026-01-16 Description The software embeds URL parameters directly into JavaScript code and HTML attributes without proper encoding or sanitization. This allows attackers to inject arbitrary scripts...

MiracleLinux 8 : thunderbird-115.4.1-1.el8.ML.1 (AXSA:2023-6571:31)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2023-6571:31 advisory. Mozilla: Queued up rendering could have allowed websites to clickjack CVE-2023-5721 Mozilla: Memory safety bugs fixed in Firefox 119, Firefox ESR...

MiracleLinux 7 : firefox-91.3.0-1.0.1.el7.AXS7 (AXSA:2021-2530:32)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2530:32 advisory. Mozilla: Use-after-free in HTTP2 Session object Mozilla: Memory safety bugs fixed in Firefox 94 and Firefox ESR 91.3 Mozilla: iframe sandbox rules d...

chromium -- multiple security fixes

Chrome Releases reports: This update includes 1 security fix: 473851441 High CVE-2026-1220: Race in V8. Reported by @p1nky4745 on 2026-01-07...

Security update for MozillaThunderbird

This update for MozillaThunderbird fixes the following issues: MFSA 2026-05 bsc1256340: CVE-2026-0877: Mitigation bypass in the DOM in Security component CVE-2026-0878: Sandbox escape due to incorrect boundary conditions in the Graphics in CanvasWebGL component CVE-2026-0879: Sandbox escape due t...