180 matches found
Azure Linux 3.0 Security Update: exiv2 (CVE-2024-39695)
The version of exiv2 installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-39695 advisory. - Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of...
EUVD-2026-3580
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Parser. Supported versions that are affected are 9.0.0-9.5.0. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of...
RHEL 9 : gimp (RHSA-2026:0914)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:0914 advisory. The GIMP GNU Image Manipulation Program is an image composition and editing program. GIMP provides a large image manipulation toolbox,...
MiracleLinux 8 : python27:2.7 (AXSA:2021-2091:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2091:01 advisory. python: CRLF injection via HTTP request method in httplib/http.client CVE-2020-26116 python-urllib3: CRLF injection via HTTP request method...
MiracleLinux 7 : dovecot-2.2.36-3.el7.1 (AXSA:2019-4341:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-4341:02 advisory. dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writes CVE-2019-11500 Tenable has extracted the precedin...
MiracleLinux 4 : texlive-2007-57.AXS4 (AXSA:2012-203:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-203:01 advisory. TeXLive is an implementation of TeX for Linux or UNIX systems. TeX takes a text file and a set of formatting commands as input and creates a printabl...
MiracleLinux 9 : python3.9-3.9.21-2.el9 (AXSA:2025-10382:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10382:01 advisory. python: cpython: URL parser allowed square brackets in domain names CVE-2025-0938 Tenable has extracted the preceding description block directly from the...
CVE-2025-15504 lief-project LIEF ELF Binary Parser.tcc parse_binary null pointer dereference
A security flaw has been discovered in lief-project LIEF up to 0.17.1. Affected by this issue is the function Parser::parsebinary of the file src/ELF/Parser.tcc of the component ELF Binary Parser. The manipulation results in null pointer dereference. The attack must be initiated from a local...
CVE-2026-21502
CVE-2026-21502 affects iccDEV: prior to version 2.3.1.2, the XML tag parser can dereference a NULL pointer. This vulnerability is patched in 2.3.1.2. Red Hat and other sources confirm the issue and remediation is to upgrade to 2.3.1.2 or later. Impact details specify a NULL pointer dereference in...
AZL-73520 CVE-2025-69224 affecting package python-aiohttp 3.6.2-3
AIOHTTP is an asynchronous HTTP client/server framework for asyncio and Python. Versions 3.13.2 and below of the Python HTTP parser may allow a request smuggling attack with the presence of non-ASCII characters. If a pure Python version of AIOHTTP is installed i.e. without the usual C extensions ...
golang: archive/tar: Unbounded allocation when parsing GNU sparse map
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go...
CVE-2025-65092
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.1, 5.4.3, and 5.3.4, when the ESP32-P4 uses its hardware JPEG decoder, the software parser lacks necessary validation checks. A specially crafted malicious JPEG image could exploit the parsing routine and trigg...
Huawei EulerOS: Security Advisory for gdk-pixbuf2 (EulerOS-SA-2025-2287)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP13 : gdk-pixbuf2 (EulerOS-SA-2025-2287)
According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GIF parser of GdkPixbufs LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets th...
EUVD-2012-1481
Malware in sbrugna...
EUVD-2019-16298
Malware in sbrugna...
EUVD-2012-1470
Malware in sbrugna...
EUVD-2022-53141
Malicious code in bioql PyPI...
EUVD-2025-4787
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2021-45846
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker to cause an application crash using a crafted AMF document, where a metadata tag lacks a...