PT-2026-3709

Name of the Vulnerable Software and Affected Versions Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in for Apache HTTP Server, and Oracle Weblogic Server Proxy Plug-in for IIS versions 12.2.1.4.0, 14.1.1.0.0, and 14.1.2.0.0 are affected. Description An easily exploitable vulnerability...

Oracle Fusion Middleware security vulnerabilities

Oracle Fusion Middleware is a business innovation platform developed by Oracle Corporation for enterprise and cloud environments. This platform provides middleware, software collections, and other functions. WebLogic Server is an application server component suitable for both cloud and traditiona...

MiracleLinux 7 : gupnp-1.0.2-6.el7 (AXSA:2021-1998:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-1998:01 advisory. gupnp: allows DNS rebinding which could result in tricking browser into triggering actions against local UPnP services CVE-2021-33516 Tenable has extracted t...

OPENSUSE-SU-2026:20055-1 Security update for gimp

This update for gimp fixes the following issues: Changes in gimp: Update to 3.0.6: - Security: - During development, we received reports from the Zero Day Initiative of potential security issues with some of our file import plug-ins. While these issues are very unlikely to occur with real files,...

MiracleLinux 4 : gimp-2.6.9-6.0.1.AXS4 (AXSA:2014-037:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2014-037:01 advisory. GIMP GNU Image Manipulation Program is a powerful image composition and editing program, which can be extremely useful for creating logos and other...

MiracleLinux 4 : 389-ds-base-1.2.11.15-91.AXS4 (AXSA:2017-1583:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1583:03 advisory. 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. Security...

MiracleLinux 4 : 389-ds-base-1.2.11.15-14.AXS4 (AXSA:2013-412:03)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2013-412:03 advisory. 389 Directory Server is an LDAPv3 compliant server. The base package includes the LDAP server and command line utilities for server administration. Security...

MiracleLinux 4 : libvirt-0.9.10-21.5.0.1.AXS4 (AXSA:2012-975:04)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-975:04 advisory. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the...

CVE-2003-1521

Sun Java Plug-In 1.4 through 1.4.202 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model...

CVE-2003-1516

The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.201 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet...

CVE-2023-43029

IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain sensitive credential information after deployment...

CVE-2025-14110

The WP Js List Pages Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' shortcode attribute in all versions up to, and including, 1.21 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

SUSE CVE-2025-12689

Mattermost versions 11.0.x = 11.0.4, 10.12.x = 10.12.2, 10.11.x = 10.11.6 fail to check WebSocket request field for proper UTF-8 format, which allows attacker to crash Calls plug-in via sending malformed request...

SUSE CVE-2022-50847

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver tries to access AUX channe...

EUVD-2022-55851

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver tries to access AUX channe...

UBUNTU-CVE-2023-54263

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: init hpdirqlock for PIOR DP Fixes OOPS on boards with ANX9805 DP encoders...

CVE-2022-50847

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver tries to access AUX channe...

CVE-2022-50847

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver tries to access AUX channe...

CVE-2022-50847 drm/bridge: it6505: Initialize AUX channel in it6505_i2c_probe

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: it6505: Initialize AUX channel in it6505i2cprobe During device boot, the HPD interrupt could be triggered before the DRM subsystem registers it6505 as a DRM bridge. In such cases, the driver tries to access AUX channe...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a hot-plug callback leak in the dmc620pmuinit function, which could result in the callback not being removed...