MiracleLinux 8 : evolution-data-server-3.28.5-15.el8, evolution-ews-3.28.5-10.el8, evolution-3.28.5-16.el8 (AXSA:2021-2137:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2137:01 advisory. evolution-data-server: NULL pointer dereference related to imapxfreecapability and imapxconnecttoserver CVE-2020-16117 Tenable has extracted the preceding...

MiracleLinux 8 : glibc-2.28-251.el8.2 (AXSA:2024-8156:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8156:07 advisory. glibc: Out of bounds write in iconv may lead to remote code execution CVE-2024-2961 The glibc packages provide the standard C libraries libc, POSIX...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-44013)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following...

MiracleLinux 8 : mod_auth_openidc:2.3 (AXSA:2023-7316:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-7316:01 advisory. modauthopenidc: Open Redirect in oidcvalidateredirecturl using tab character CVE-2022-23527 modauthopenidc: NULL pointer dereference when...

MiracleLinux 9 : libtiff-4.4.0-12.el9_4.1 (AXSA:2024-8959:05)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-8959:05 advisory. libtiff: NULL pointer dereference in tifdirinfo.c CVE-2024-7006 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : httpd-2.4.57-11.el9_4 (AXSA:2024-8602:02)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8602:02 advisory. httpd: Improper escaping of output in modrewrite CVE-2024-38475 httpd: Substitution encoding issue in modrewrite CVE-2024-38474 httpd: null pointer...

MiracleLinux 9 : kernel-5.14.0-162.6.1.el9_1 (AXSA:2023-4648:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4648:01 advisory. off-path attacker may inject data or terminate victim's TCP session CVE-2020-36516 use-after-free vulnerability in function scosocksendmsg...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-53596)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52430)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-53592)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-53589)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-53414)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

Qnap QTS and QuTS hero NULL Pointer Dereference (CVE-2025-52426)

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

MiracleLinux 8 : sqlite-3.26.0-11.el8 (AXSA:2020-1005:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-1005:03 advisory. sqlite: Use-after-free in window function leading to remote code execution CVE-2019-5018 sqlite: Division by zero in whereLoopAddBtreeIndex in...

MiracleLinux 8 : sqlite-3.26.0-16.el8 (AXSA:2022-3931:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3931:01 advisory. sqlite: Out of bounds access during table rename CVE-2020-35527 sqlite: Null pointer derreference in src/select.c CVE-2020-35525 Tenable has extract...

MiracleLinux 7 : audiofile-0.3.6-9.el7 (AXSA:2020-752:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-752:01 advisory. audiofile: Heap-based buffer overflow in Expand3To4Module::run when running sfconvert CVE-2018-17095 audiofile: NULL pointer dereference in...

MiracleLinux 8 : httpd:2.4 (AXSA:2022-3749:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3749:01 advisory. httpd: modproxy NULL pointer dereference CVE-2020-13950 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...

CVE-2025-63648

A NULL pointer dereference in the dacpreplyplayqueueeditmove function src/httpddacp.c of owntone-server commit b7e385f allows attackers to cause a Denial of Service DoS via sending a crafted DACP request to the server...

MiracleLinux 9 : kernel-5.14.0-427.13.1.el9_4 (AXSA:2024-8139:13)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8139:13 advisory. kernel: GSM multiplexing race condition leads to privilege escalation CVE-2023-6546 kernel: multiple use-after-free vulnerabilities CVE-2024-1086,...

CVE-2025-15535

A security flaw has been discovered in nicbarker clay up to 0.14. This affects the function ClayMeasureTextCached in the library clay.h. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be used...