Linux Distros Unpatched Vulnerability : CVE-2016-7946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - X.org libXi before 1.7.7 allows remote X servers to cause a denial of service infinite loop via vectors involving length fields. CVE-2016-7946 Note that Nessus...

Linux Distros Unpatched Vulnerability : CVE-2017-7394

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In TigerVNC 1.7.1 SSecurityPlain.cxx SSecurityPlain::processMsg, unauthenticated users can crash the server by sending long usernames. CVE-2017-7394 Note that...

Linux Distros Unpatched Vulnerability : CVE-2018-13153

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c. CVE-2018-13153 Note that Nessus relies on the presence of...

Linux Distros Unpatched Vulnerability : CVE-2015-5199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Directory traversal vulnerability in dlopen in libvdpau before 1.1.1 allows local users to gain privileges via the VDPAUDRIVER environment variable. CVE-2015-51...

Linux Distros Unpatched Vulnerability : CVE-2014-8354

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The HorizontalFilter function in resize.c in ImageMagick before 6.8.9-9 allows remote attackers to cause a denial of service out-of-bounds read via a crafted...

prometerre.ch Cross Site Scripting vulnerability OBB-4031907

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

CVE-2025-25303 Server-Side Request Forgery (SSRF) in MouseTooltipTranslator

The MouseTooltipTranslator Chrome extension allows mouseover translation of any language at once. The MouseTooltipTranslator browser extension is vulnerable to SSRF attacks. The pdf.mjs script uses the URL parameter from the current URL as the file to download and display to the extension user...

CVE-2025-25303

Summary: CVE-2025-25303 describes a Server-Side Request Forgery (SSRF) in the MouseTooltipTranslator Chrome extension. The issue stems from the pdf.mjs script, which uses the URL parameter from the current URL as the target file to download and display. Since pdf.mjs is imported by viewer.html an...

Linux Distros Unpatched Vulnerability : CVE-2010-0308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service assertion failure via a...

mail.siicsalud.com Cross Site Scripting vulnerability OBB-4030848

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Defense Lessons From the Black Basta Ransomware Playbook

The cybersecurity world was rocked last week by a massive leak of Black Basta’s internal communications that emerged from the group’s chat logs. Triggered by internal conflicts and a retaliatory data dump following attacks on Russian banks, the exposed records offer a rare glimpse into Black...

Security update for the Linux Kernel (Live Patch 35 for SLE 15 SP4)

This update for the Linux Kernel 5.14.21-15040024147 fixes one issue. The following security issue was fixed: CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat bsc1236783. Patch Instructions: To install this SUSE update use the SUSE recommended...

GHSA-CWRJ-J635-2M7W vulnerabilities

Vulnerabilities for packages: nodejs...

GHSA-JFR5-5G87-P347 vulnerabilities

Vulnerabilities for packages: mysql...

GHSA-2GVQ-92C2-XJ2H vulnerabilities

Vulnerabilities for packages: mysql...

Security update for the Linux Kernel (Live Patch 48 for SLE 15 SP3)

This update for the Linux Kernel 5.3.18-15030059174 fixes one issue. The following security issue was fixed: CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat bsc1236783. Patch Instructions: To install this SUSE update use the SUSE recommended...

Siemens SIMATIC Devices Linux Kernel Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') (CVE-2022-3521)

A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcmtxwork of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the...

openSUSE Security Advisory (SUSE-SU-2024:3772-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (openSUSE-SU-2024:0156-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for the Linux Kernel (Live Patch 1 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-150600237 fixes several issues. The following security issues were fixed: CVE-2024-40956: dmaengine: idxd: Fix possible Use-After-Free in irqprocessworklist bsc1228585. CVE-2024-36974: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP bsc1227371...