CVE-2025-10777 JSC R7 R7-Office Document Server downloadas path traversal

A flaw has been found in JSC R7 R7-Office Document Server up to 20250820. Impacted is an unknown function of the file /downloadas/. Executing manipulation of the argument cmd can lead to path traversal. The attack can be launched remotely. Upgrading to version 2025.3.1.923 is recommended to addre...

Malicious code in @zalastax/nolb-jsc (npm)

The package @zalastax/nolb-jsc was found to contain malicious code...

MAL-2025-12066 Malicious code in @zalastax/nolb-jsc (npm)

The package @zalastax/nolb-jsc was found to contain malicious code...

anima-pull2load (>=1.0.1 <=1.0.3), bem-register (>=1.0.0 <=1.0.5) +11 more potentially affected by CVE-2024-51091 via seajs (>=1.2.1 <=2.2.1)

seajs NPM version =1.2.1, =1.0.1, =1.0.0, =0.1.0, =1.0.0, =1.0.0, =1.0.1, =0.0.1, =1.0.7, =0.9.11, =1.1.0, =1.1.3 Source cves: CVE-2024-51091 Source advisory: OSV:GHSA-PFR4-4397-3HG8...

CVE-2024-40779

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected process cra...

CVE-2024-40789

An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in Safari 17.6, iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, tvOS 17.6, visionOS 1.3, watchOS 10.6. Processing maliciously crafted web content may lead to an unexpected...

SUSE SLES15 / openSUSE 15 : Feature update for rabbitmq-server313, erlang26, elixir115 (SUSE-SU-SUSE-FU-2024:2078-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-SUSE-FU-2024:2078-1 advisory. rabbitmq-server was implemented with a parallel versioned RPM package at version 3.13.1 jscPED-8414: - Securi...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : sssd (SUSE-SU-2024:1941-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1941-1 advisory. - CVE-2023-3758: Fixed race condition during authorization leads to GPO policies functioning inconsistent...

CVE-2022-32919

The issue was addressed with improved UI handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Visiting a website that frames malicious content may lead to UI spoofing...

SUSE: Security Advisory (SUSE-SU-2023:3934-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-48503

The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution...

SUSE: Security Advisory (SUSE-SU-2023:3144-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

jsc-travel.lv Cross Site Scripting vulnerability OBB-3087518

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

openSUSE: Security Advisory for Recommended (SUSE-SU-2022:2831-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2022:2614-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2022-22629

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution...

Security update for libeconf, shadow and util-linux (moderate)

openSUSE Security Update: Security update for libeconf, shadow and util-linux Announcement ID: openSUSE-SU-2022:0727-1 Rating: moderate References: 1188507 1192954 1193632 1194976 SLE-23384 SLE-23402 Cross-References: CVE-2021-3995 CVE-2021-3996 CVSS scores: CVE-2021-3995 SUSE: 4.7...

WordPress <= 5.8.2 - SQL Injection (SQLi) vulnerability

SQL Injection SQLi vulnerability discovered by Ngocnb and Khuyenn GiaoHangTietKiem JSC in WordPress versions = 5.8.2. Solution Update WordPress to the latest available version at least 5.8.3...

MSHTML attack targets Russian state rocket centre and interior ministry

Malwarebytes has reason to believe that the MSHTML vulnerability listed under CVE-2021-40444 is being used to target Russian entities. The Malwarebytes Intelligence team has intercepted email attachments that are specifically targeting Russian organizations. The first template we found is designe...

openSUSE: Security Advisory for golang-github-prometheus-prometheus (openSUSE-SU-2021:2664-1)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...