CVE-2026-42289

ChurchCRM is an open-source church management system. Prior to 7.3.2, UserEditor.php processes user account creation and permission updates entirely through $POST parameters with no CSRF token validation. An unauthenticated attacker can craft a malicious HTML page that, when visited by an...

EUVD-2020-5032

Malware in sbrugna...

EUVD-2022-49157

Malicious code in bioql PyPI...

EUVD-2022-49158

Malicious code in bioql PyPI...

EUVD-2025-21916

Malicious code in bioql PyPI...

CVE-2020-23968

Ilex International Sign Workstation Security Suite 7.1 allows elevation of privileges via a symlink attack on ProgramData\Ilex\S\Logs\000-sngWSService1.log...

Alibaba Cloud Linux 3 : 0063: tigervnc (ALINUX3-SA-2023:0063)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0063 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-4283: A vulnerability was found i...

Alibaba Cloud Linux 3 : 0062: xorg-x11-server (ALINUX3-SA-2023:0062)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0062 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-2319 A flaw was found in the...

Microsoft Windows Multiple Vulnerabilities (KB5043080)

This host is missing an important security update according to Microsoft KB5043080 SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVE-2024-48013

Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Execution with Unnecessary Privileges vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...

Apple MacOSX Security Update (HT121234)

Apple Mac OS X is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-27798

CVE-2024-27798 is a local-privilege-escalation vulnerability in macOS caused by an authorization issue in state management. Apple fixes it in macOS Sonoma 14.5 with an updated state-management approach. The NVD and Red Hat advisories validate the fix and targeted platform (macOS Sonoma 14.5). Exp...

RHEL 5 : dovecot (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dovecot: improper NULL byte handling in IMAP and ManageSieve protocol parsers leads to out of bounds writ...

CentOS 9 : xorg-x11-server-Xwayland-21.1.3-6.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the xorg-x11-server-Xwayland-21.1.3-6.el9 build changelog. - A vulnerability was found in X.Org. This security flaw occurs becuase the swap handler for the XTestFakeInput request of the XTe...

CentOS 9 : tigervnc-1.12.0-9.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the tigervnc-1.12.0-9.el9 build changelog. - A vulnerability was found in X.Org. This security flaw occurs because the XkbCopyNames function left a dangling pointer to freed memory...

Microsoft .NET Framework Multiple Vulnerabilities (KB5034275)

This host is missing an important security update according to Microsoft KB5034275 SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

AlmaLinux 9 : open-vm-tools (ALSA-2023:7277)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7277 advisory. - VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges...

Slackware Linux 15.0 / current tigervnc Multiple Vulnerabilities (SSA:2023-317-01)

The version of tigervnc installed on the remote host is prior to 1.12.0 / 1.13.1. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-317-01 advisory. - A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the functio...

CVE-2023-37243

The C:\Windows\Temp\Agent.Package.Availability\Agent.Package.Availability.exe file is automatically launched as SYSTEM when the system reboots. Since the C:\Windows\Temp\Agent.Package.Availability folder inherits permissions from C:\Windows\Temp and Agent.Package.Availability.exe is susceptible t...

CVE-2023-42824

The issue was addressed with improved checks. This issue is fixed in iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6...