13 matches found
MiracleLinux 8 : perl:5.32 (AXSA:2026-487:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-487:01 advisory. perl: Perl threads have a working directory race condition where file operations may target unintended paths CVE-2025-40909 Tenable has extracted the precedin...
CVE-2025-69986
A buffer overflow vulnerability exists in the ONVIF GetStreamUri function of LSC Indoor Camera V7.6.32. The application fails to validate the length of the Protocol parameter inside the Transport element. By sending a specially crafted SOAP request containing an oversized protocol string, an...
EUVD-2026-11916
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Blind SQL Injection.This issue affects Media LIbrary Assistant: from n/a through = 3.32...
CVE-2026-27963
Audiobookshelf (web application) prior to version 2.32.0 is affected by a stored XSS vulnerability via malicious library metadata. Attackers with library modification privileges can inject JS code that runs in victims’ browsers, potentially enabling session hijacking and data exfiltration. A fix ...
OESA-2025-2889 python-requests security update
Requests is an HTTP library, written in Python, as an alternative to Python's builtin urllib2 which requires work even method overrides to perform basic tasks. Features of Requests: - GET, HEAD, POST, PUT, DELETE Requests: + HTTP Header Request Attachment. + Data/Params Request Attachment. +...
Fedora 43 : gdu (2025-709790fda7)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-709790fda7 advisory. Update to 5.32.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested f...
WordPress plugin Яндекс Доставка (Boxberry) 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A security...
webkitgtk: Memory corruption issue leading to arbitrary code execution
A memory corruption issue was found in WebKitGTK and WPE WebKit in versions prior to 2.32.0. Processing maliciously crafted web content may lead to arbitrary code execution. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...
Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Data Store. CVSS 3.0 Base Score 7.0 (Confidentiality Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).
...
OPENSUSE-SU-2020:0870-1 Security update for mariadb
This update for mariadb to version 10.2.32 fixes the following issues: mariadb was updated to version 10.2.32 bsc1171550 - CVE-2020-2752: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-2812: Fixed an issue which could have resulted in...
SUSE-SU-2020:1711-1 Security update for mariadb
This update for mariadb to version 10.2.32 fixes the following issues: mariadb was updated to version 10.2.32 bsc1171550 - CVE-2020-2752: Fixed an issue which could have resulted in unauthorized ability to cause denial of service. - CVE-2020-2812: Fixed an issue which could have resulted in...
Oracle VM VirtualBox Elevation of Privilege Vulnerability (CNVD-2018-02061)
Oracle Virtualization is the American Oracle Oracle company's set of hardware and software virtualization management solutions. Oracle VM VirtualBox is one of the virtual machine components. A security vulnerability exists in the Oracle VM VirtualBox component of Oracle Virtualization, versions...
UBUNTU-CVE-2014-8636
The XrayWrapper implementation in Mozilla Firefox before 35.0 and SeaMonkey before 2.32 does not properly interact with a DOM object that has a named getter, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via unspecified vectors...