Security update for pam

This update for pam fixes the following issues: Improve previous CVE-2024-10041 fix which led to CPU performance issues bsc1232234 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the...

SUSE-SU-2025:02970-1 Security update for pam

This update for pam fixes the following issues: - Improve previous CVE-2024-10041 fix which led to CPU performance issues bsc1232234...

WhatWeb Scanner 0.6.2

WhatWeb is a next-generation web scanner. WhatWeb recognizes web technologies including content management systems CMS, blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 1800 plugins, each to recognize something different...

CVE-2025-26496

Access of Resource Using Incompatible Type 'Type Confusion' vulnerability in Salesforce Tableau Server, Tableau Desktop on Windows, Linux File Upload modules allows Local Code Inclusion.This issue affects Tableau Server, Tableau Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19...

CVE-2025-26498

Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux establish-connection-no-undo modules allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19...

CVE-2025-26497

Unrestricted Upload of File with Dangerous Type vulnerability in Salesforce Tableau Server on Windows, Linux Flow Editor modules allows Absolute Path Traversal.This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19...

CVE-2025-26496

CVE-2025-26496 concerns a Type Confusion vulnerability in Salesforce Tableau Server and Tableau Desktop (Windows, Linux) within their File Upload modules, enabling Local Code Inclusion. Affected versions include Tableau Server/Desktop: before 2025.1.3, before 2024.2.12, before 2023.3.19. The issu...

CVE-2025-9340

Out-of-bounds Write vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java bc-fips on All API modules. This vulnerability is associated with program files org/bouncycastle/jcajce/provider/BaseCipher. This issue affects Bouncy Castle for Java: from BC-FJA 2.1.0 through 2.1.0...

cn.loyom.boot:loyom-boot-business-demo (=1.0.3-JDK21), cn.loyom.boot:loyom-boot-business-sqlite-exe-demo (=1.0.3-JDK21) +101 more potentially affected by CVE-2025-9341 via org.bouncycastle:bcprov-lts8on (=2.73.7)

org.bouncycastle:bcprov-lts8on MAVEN version =2.73.7 is affected by a known vulnerability. The following packages have a transitive dependency on org.bouncycastle:bcprov-lts8on and may be impacted: - cn.loyom.boot:loyom-boot-business-demo =1.0.3-JDK21 -...

Linux Distros Unpatched Vulnerability : CVE-2019-16775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. It is possible for packages to create symlinks to files outside of...

Linux Distros Unpatched Vulnerability : CVE-2022-1049

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Pacemaker configuration tool pcs. The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using...

Linux Distros Unpatched Vulnerability : CVE-2025-23143

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: Fix null-ptr-deref by socklockinitclassandname and rmmod. When I ran the repro 0 and waited a few seconds, I observed two LOCKDEP splats: a warning...

Linux Distros Unpatched Vulnerability : CVE-2022-24903

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used...

Linux Distros Unpatched Vulnerability : CVE-2020-13675

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Drupal's JSON:API and REST/File modules allow file uploads through their HTTP APIs. The modules do not correctly run all file validation, which causes an access...

Dissecting PipeMagic: Inside the architecture of a modular backdoor framework

Among the plethora of advanced attacker tools that exemplify how threat actors continuously evolve their tactics, techniques, and procedures TTPs to evade detection and maximize impact, PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Deskto...

Amazon Linux 2023 : nginx, nginx-all-modules, nginx-core (ALAS2023-2025-1152)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1152 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the serve...

Findsploit

It is an offensive tool for searching exploit databases. The primary CVE ID is not present in the provided context. The target product/service or framework is not explicitly stated, but the tool searches for exploits in local and online databases, suggesting it is a general-purpose exploit finder...

SUSE CVE-2025-38539

In the Linux kernel, the following vulnerability has been resolved: tracing: Add downwritetraceeventsem when adding trace event When a module is loaded, it adds trace events defined by the module. It may also need to modify the modules trace printk formats to replace enum names with their values...

CVE-2025-7353

A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow...

CVE-2025-9092 Hybrid Module Deployment in Multi-JVM Environments Leading to Resource Exhaustion

Uncontrolled Resource Consumption vulnerability in Legion of the Bouncy Castle Inc. Bouncy Castle for Java - BC-FJA 2.1.0 bc-fips API modules allows Excessive Allocation. This vulnerability is associated with program files org.Bouncycastle.Crypto.Fips.NativeLoader. This issue affects Bouncy Castl...