92 matches found
CVE-2026-42289
ChurchCRM is an open-source church management system. Prior to 7.3.2, UserEditor.php processes user account creation and permission updates entirely through $_POST parameters with no CSRF token validation. An unauthenticated attacker can craft a malicious HTML page that, when visited by an...
EUVD-2020-5032
Malware in sbrugna...
EUVD-2022-49157
Malicious code in bioql PyPI...
EUVD-2022-49158
Malicious code in bioql PyPI...
EUVD-2025-21916
Malicious code in bioql PyPI...
CVE-2020-23968
Ilex International Sign Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\Ilex\S\Logs\000-sngWSService1.log...
Alibaba Cloud Linux 3 : 0063: tigervnc (ALINUX3-SA-2023:0063)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0063 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-4283: A vulnerability was found i...
Alibaba Cloud Linux 3 : 0062: xorg-x11-server (ALINUX3-SA-2023:0062)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0062 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-2319 A flaw was found in the...
Microsoft Windows Multiple Vulnerabilities (KB5043080)
This host is missing an important security update according to Microsoft KB5043080.
CVE-2024-48013
Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...
Apple MacOSX Security Update (HT121234)
Apple Mac OS X is prone to multiple vulnerabilities.
CVE-2024-27798
CVE-2024-27798 is a local-privilege-escalation vulnerability in macOS caused by an authorization issue in state management. Apple fixes it in macOS Sonoma 14.5 with an updated state-management approach. The NVD and Red Hat advisories validate the fix and targeted platform (macOS Sonoma 14.5). Exp...
RHEL 5 : dovecot (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writ...
CentOS 9 : tigervnc-1.12.0-9.el9
The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the tigervnc-1.12.0-9.el9 build changelog. - A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory...
CentOS 9 : xorg-x11-server-Xwayland-21.1.3-6.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the xorg-x11-server-Xwayland-21.1.3-6.el9 build changelog. - A vulnerability was found in X.Org. This security flaw occurs because the swap handler for the XTestFakeInput request of the XTe...
Microsoft .NET Framework Multiple Vulnerabilities (KB5034275)
This host is missing an important security update according to Microsoft KB5034275.
AlmaLinux 9 : open-vm-tools (ALSA-2023:7277)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7277 advisory. - VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges...
Slackware Linux 15.0 / current tigervnc Multiple Vulnerabilities (SSA:2023-317-01)
The version of tigervnc installed on the remote host is prior to 1.12.0 / 1.13.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-317-01 advisory. - A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the functio...
CVE-2023-37243
The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Windows\Temp\Agent.Package.Availability folder inherits permissions from C:\Windows\Temp and Agent.Package.Availability.exe is susceptible t...
CVE-2023-42824
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6...