MINI-PF63-PXQ4-GC52
Bulletin has no description...
CVE-2025-67488 SiYuan: ZipSlip -> Arbitrary File Overwrite -> RCE
SiYuan is self-hosted, open source personal knowledge management software. Versions 0.0.0-20251202123337-6ef83b42c7ce and below contain function importZipMd which is vulnerable to ZipSlips, allowing an authenticated user to overwrite files on the system. An authenticated user with access to the...
CVE-2025-14325
JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...
CVE-2023-53825
A memory leak and queue corruption vulnerability was found in the Kernel Connection Multiplexor (KCM) implementation in the Linux kernel. In kcm_sendmsg for SOCK_DGRAM sockets, when an error occurs during send, the MSG_MORE queue is not properly purged. This leads to memory leaks and corrupted queue...
firefox: thunderbird: Mitigation bypass in the DOM: Core & HTML component
A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Core & HTML component...
Fedora 42 : tinygltf (2025-ac8ed4a110)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-ac8ed4a110 advisory. Update to 2.9.7. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this...
CVE-2025-45311
Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is...
Exploit for CVE-2025-55182
🔔 ⚠️Unauthorized penetratio...
Fedora 43 : gi-loadouts / kf6-kcoreaddons / kf6-kguiaddons / kf6-kjobwidgets / etc (2025-0cc929ff17)
The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-0cc929ff17 advisory. PySide6 6.10.1 update. ---- Pyside6 6.10.1 release. ---- Rebuilt with stb_image patched for two new security bugs. Tenable has extracted the preceding...
CVE-2023-52491
creationtimestamp | type | source
---|---|---
2025-12-03 14:14:49+00:00 | seen | https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8...
RHEL 7 : bind (RHSA-2025:22205)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22205 advisory. The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named)...
Fedora 43 : migrate (2025-427af3b610)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-427af3b610 advisory. - Update to 4.19.0 - Address CVEs by rebuilding with Go 1.25.4 Tenable has extracted the preceding description block directly from the Fedora securi...
MINI-6CCX-5332-8J58
Bulletin has no description...
Cross-site Scripting (XSS)
Overview: jquery-multifile is a jQuery Multiple File Selection Plugin. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the file name processing. An attacker can execute arbitrary scripts in the context of a victim's browser by providing a file with a specially craft...
Embedded Malicious Code
Overview: Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...
Fedora 43 : kubernetes1.34 (2025-f32b1debd8)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-f32b1debd8 advisory. - Update to release v1.34.2 - Resolves: rhbz2398589, rhbz2398850, rhbz2399251, rhbz2399524 - Resolves: rhbz2407790, rhbz2408060, rhbz2408317,...
GLSA-202511-03 : qtsvg: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202511-03 (qtsvg: Multiple Vulnerabilities). Multiple vulnerabilities have been discovered in qtsvg. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly from...
MINI-3VP5-G94W-VGXQ
Bulletin has no description...
Amazon Linux 2023 : firefox (ALAS2023-2025-1284)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1284 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
MINI-VCFF-MR56-H8CM
Bulletin has no description...