MiracleLinux 7 : GStreamer (AXSA:2017-2179:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-2179:01 advisory. clutter-gst2 Clutter is an open source software library for creating fast, visually rich and animated graphical user interfaces. Clutter GStreamer...

MiracleLinux 7 : gstreamer1-plugins-bad-free-1.4.5-6.el7 (AXSA:2017-1226:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-1226:01 advisory. GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins that aren't tested...

MiracleLinux 7 : setroubleshoot-plugins-3.0.59-2.0.1.el7.AXS7, setroubleshoot-3.2.24-4.0.1.el7.AXS7 (AXSA:2016-547:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2016-547:01 advisory. setroubleshoot setroubleshoot GUI. Application that allows you to view setroubleshoot-server messages. Provides tools to help diagnose SELinux...

MiracleLinux 7 : gstreamer1-plugins-good-1.4.5-3.el7 (AXSA:2017-1224:01)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2017-1224:01 advisory. GStreamer is a streaming media framework, based on graphs of filters which operate on media data. Applications using this library can do anything fr...

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 5, 2026 to January 11, 2026)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

Chikitsa code vulnerabilities

Chikitsa is a patient management system developed by the individuals at Sanskruti Technologies. Version Chikitsa 2.0.2 has code vulnerabilities; these vulnerabilities stem from the module upload function, which may allow authenticated attackers to upload malicious PHP plugins and execute remote...

org.sonatype.nexus.api.extdirect:nexus-api-extdirect-selfhosted (>=3.81.0-08 <=3.87.2-01), org.sonatype.nexus.api.rest:nexus-api-rest-common (>=3.81.0-08 <=3.87.2-01) +8 more potentially affected by CVE-2026-0600 via org.sonatype.nexus.plugins:nexus-blobstore-s3 (>=3.12.0-01 <=3.87.2-01)

org.sonatype.nexus.plugins:nexus-blobstore-s3 MAVEN version =3.12.0-01, =3.81.0-08, =3.81.0-08, =3.81.0-08, =3.60.0-02, =3.12.0-01, =3.12.0-01, =3.71.0-06, =3.37.0-01, =3.78.0-14, =3.83.0-08, =3.87.2-01 Source cves: CVE-2026-0600 Source advisory: SNYK:JAVA-ORGSONATYPENEXUSPLUGINS-14946105...

io.github.hWorblehat:nexus3-external-auth-plugin (=0.1.0), org.sonatype.nexus.api.extdirect:nexus-api-extdirect-common (>=3.81.0-08 <=3.87.2-01) +112 more potentially affected by CVE-2026-0600 via org.sonatype.nexus:nexus-validation (>=3.0.0-b2015061001 <=3.87.2-01)

org.sonatype.nexus:nexus-validation MAVEN version =3.0.0-b2015061001, =3.81.0-08, =3.81.0-08, =3.81.0-08, =3.81.0-08, =3.4.0-02, =3.60.0-02, =3.4.0-02, =3.21.0-01, =3.0.0-03, =3.4.0-02, =0.6.1, =0.10.2, =0.14.0 - org.sonatype.nexus.plugins:nexus-blobstore-restore =3.4.0-02 and more Source cves:...

@frontmcp/adapters (>=0.5.0 <=0.6.3), @frontmcp/plugins (>=0.5.0 <=0.6.3) +4 more potentially affected by CVE-2026-22686 via enclave-vm (=1.0.3)

enclave-vm NPM version =1.0.3 is affected by a known vulnerability. The following packages have a transitive dependency on enclave-vm and may be impacted: - @frontmcp/adapters =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.6.1, =0.6.3 - frontmcp =0.5.0 Source cves: CVE-2026-22686 Source advisory:...

[SECURITY] Fedora 43 Update: complyctl-0.1.2-1.fc43

complyctl leverages OSCAL to perform compliance assessment activities, using plugins for each stage of the life-cycle...

MiracleLinux 9 : gstreamer1-plugins-good-1.22.12-4.el9 (AXSA:2025-10303:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10303:01 advisory. gstreamer1-plugins-good: OOB-read in qtdemuxparsecontainer CVE-2024-47543 gstreamer1-plugins-good: GStreamer has an OOB-read in...

MiracleLinux 9 : gstreamer1-plugins-base-1.22.12-4.el9 (AXSA:2025-10279:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10279:01 advisory. gstreamer1-plugins-base: ID3v2 parser out-of-bounds read and NULL-pointer dereference CVE-2024-47542 gstreamer1-plugins-base: GStreamer has an...

MiracleLinux 8 : grafana-9.2.10-23.el8_10 (AXSA:2025-9968:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9968:05 advisory. grafana: Cross-site Scripting XSS in Grafana via Custom Frontend Plugins and Open Redirect CVE-2025-4123 Tenable has extracted the preceding description bloc...

MiracleLinux 7 : gstreamer1-plugins-base-1.10.4-2.0.3.el7.AXS7 (AXSA:2025-11445:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-11445:03 advisory. CVE-2024-47615: fix OOB-Write in gstparsevorbissetuppacket by validating integer size input to prevent memory corruption CVEs: CVE-2024-47615 GStreamer is a...

MiracleLinux 9 : containernetworking-plugins-1.6.2-2.el9_6 (AXSA:2025-10544:02)

The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-10544:02 advisory. net/http: Request smuggling due to acceptance of invalid chunked data in net/http CVE-2025-22871 Tenable has extracted the preceding description block...

MiracleLinux 7 : gstreamer1-plugins-base-1.10.4-2.0.2.el7.AXS7 (AXSA:2025-11109:02)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-11109:02 advisory. CVE-2024-47538: fix stack-buffer overflow in vorbishandleidentificationpacket function by limiting writing beyond boundaries of position array CVEs...

com.amazonaws.serverless:aws-serverless-java-container-struts (=1.9), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (=5.0.0) +52 more potentially affected by CVE-2025-68493 via org.apache.struts:struts2-core (>=6.0.0 <=6.10.0)

org.apache.struts:struts2-core MAVEN version =6.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.2 and more Source cves: CVE-2025-68493 Source advisory: OSV:GHSA-QCFC-HMRC-59X7https://vulners.c...

com.amazonaws.serverless:aws-serverless-java-container-struts (=1.9), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (=5.0.0) +52 more potentially affected by CVE-2025-68493 via org.apache.struts:struts2-core (>=6.0.0 <=6.10.0)

org.apache.struts:struts2-core MAVEN version =6.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =5.0.0, =1.4.0, =1.4.1, =1.4.0, =1.4.2 and more Source cves: CVE-2025-68493 Source advisory: SNYK:JAVA-ORGAPACHESTRUTS-14915536https:...

CVE-2025-12551

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in e-plugins ListingHub listinghub allows Reflected XSS.This issue affects ListingHub: from n/a through 1.2.6...

CVE-2005-1713

Multiple cross-site scripting XSS vulnerabilities in Serendipity 0.8 allow remote attackers to inject arbitrary web script or HTML via the 1 templatedropdown and 2 shoutbox plugins...