162 matches found
MiracleLinux 7 : cpio-2.11-28.el7 (AXSA:2020-579:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-579:01 advisory. CVE-2019-14866 In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archiv...
Prime security vulnerabilities
Prime is a content management system developed by Birkir Gudjonsson. Versions of Prime prior to 0.4.0.beta.0 contained security vulnerabilities, which were caused by incorrect operations on the /graphql file. These vulnerabilities could lead to denial-of-service attacks...
MiracleLinux 7 : rh-postgresql95-postgresql-9.5.14-1.el7 (AXSA:2018-3311:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3311:01 advisory. postgresql: Certain host connection parameters defeat client-side security defenses CVE-2018-10915 postgresql: Missing authorization and memory...
MiracleLinux 4 : rh-postgresql95-postgresql-9.5.14-1.AXS4 (AXSA:2018-3313:01)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3313:01 advisory. postgresql: Certain host connection parameters defeat client-side security defenses CVE-2018-10915 postgresql: Missing authorization and memory...
CVE-2026-22045 Traefik's ACME TLS-ALPN fast path lacks timeouts and close on handshake stall
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.35 and 3.6.7, there is a potential vulnerability in Traefik ACME TLS certificates' automatic generation: the ACME TLS-ALPN fast path can allow unauthenticated clients to tie up go routines and file descriptors indefinitely when the...
CVE-2025-23084
A vulnerability has been identified in Node.js, specifically affecting the handling of drive names in the Windows environment. Certain Node.js functions do not treat drive names as special on Windows. As a result, although Node.js assumes a relative path, it actually refers to the root directory...
CVE-2025-23358
NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit of this vulnerability might lead to code execution and escalation of privileges...
EUVD-2026-1590
The installers for multiple products provided by PIONEER CORPORATION contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running installer...
Moderate: Red Hat Security Advisory: go-toolset:rhel8 security update
An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common...
curl security update
An update is available for curl. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The curl packages provide the libcurl library and the curl utility for downloadi...
curl: libcurl: Curl out of bounds read for cookie path
An out of bounds read flaw has been discovered in the curl project. Under specific conditions the path comparison logic makes curl read outside a heap buffer boundary. This bug either causes a crash or it potentially makes the comparison come to the wrong conclusion and lets the clear-text site...
EUVD-2025-203141
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Sonoma 14.8.3, macOS Tahoe 26.1, macOS Sequoia 15.7.3. An app may be able to access sensitive user data...
openSUSE Security Advisory (SUSE-SU-2025:4258-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2025-46439
Name of the Vulnerable Software and Affected Versions Intel MPI Library versions prior to 2021.16 Description An uncontrolled search path issue exists in the Intel MPI Library. This issue may allow an escalation of privilege for unprivileged software. A local attacker with authenticated user acce...
Amazon Linux 2 : curl, --advisory ALAS2-2025-3056 (ALAS-2025-3056)
The version of curl installed on the remote host is prior to 8.3.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3056 advisory. Out of bounds read for cookie path NOTE: https://curl.se/docs/CVE-2025-9086.htmlNOTE: Introduced with:...
Unity Linux 20.1070a Security Update: kernel (UTSA-2025-988891)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988891 advisory. In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate-data before returning from skbtunnelinfo skbtunnelinfo returns pointer of...
CVE-2025-23358
NVIDIA NVApp for Windows contains a vulnerability in the installer, where a local attacker can cause a search path element issue. A successful exploit of this vulnerability might lead to code execution and escalation of privileges...
EUVD-2025-36592
The installer of WTW EAGLE for Windows 3.0.8.0 contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application...
EulerOS 2.0 SP11 : git (EulerOS-SA-2025-2224)
According to the versions of the git packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Git is a fast, scalable, distributed revision control system with an unusually rich command set that provides both high-level operations and full...
EUVD-2000-0659
Malware in sbrugna...