RHEL 9 : compat-openssl11 (RHSA-2026:4825)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2026:4825 advisory. The OpenSSL toolkit provides support for secure communications between machines. This version of OpenSSL package contains only the libraries from the...

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2026-1470)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2026-3085

GStreamer rtpqdm2depay Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary...

Linux Distros Unpatched Vulnerability : CVE-2025-10990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in REXML. A remote attacker could exploit inefficient regular expression regex parsing when processing hex numeric character references &x...; ...

Amazon Linux 2 : runfinch-finch, --advisory ALAS2DOCKER-2026-097 (ALASDOCKER-2026-097)

The version of runfinch-finch installed on the remote host is prior to 1.14.1-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2DOCKER-2026-097 advisory. net/http: memory exhaustion in Request.ParseForm CVE-2025-61726 archive/zip: denial of service when parsing...

CVE-2026-26338

Hyland Alfresco Transformation Service allows unauthenticated attackers to achieve server-side request forgery SSRF through the document processing functionality...

SHARP MFPs Out-of-Bounds Vulnerabilities (CVE-2024-42420)

Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed. This plugin only works with Tenable.ot. Please visit...

CVE-2020-37128

CVE-2020-37128 affects ZOC Terminal 7.25.5. A script processing issue allows local attackers to crash the application by loading a maliciously crafted REXX script file; generating an oversized script (~20,000 repeated characters) can trigger a denial of service. Evidence across multiple sources c...

📄 Gakido CRLF Injection

A vulnerability was discovered in Gakido that allowed HTTP header injection through CRLF sequences in user-supplied header values and names. Versions prior to 0.1.1 are affected. Gakido - CRLF Injection Advisory ID: RO-26-005 CVE ID: CVE-2026-24489 Severity: Medium Vendor: HappyHackingSpace...

openssl: OpenSSL: Arbitrary code execution due to out-of-bounds write in PKCS#12 processing

A flaw was found in OpenSSL. When processing a specially crafted PKCS12 Personal Information Exchange Syntax Standard file, a remote attacker can exploit an out-of-bounds write vulnerability. This issue, occurring within the OPENSSLuni2utf8 function, leads to memory corruption by writing data...

Horilla authorization issue vulnerability

Horilla is a free open-source human resources software developed by Horilla Company. Version 1.4.0 of Horilla contains an authorization vulnerability. This vulnerability stems from defects in the equality checks within the OTP processing logic, which could lead to a complete bypass of two-factor...

CVE-2025-66786

OpenAirInterface CN5G AMF

CVE-2025-66786

OpenAirInterface CN5G AMF=v2.0.1 There is a logical error when processing JSON format requests. Unauthorized remote attackers can send malicious JSON data to AMF's SBI interface to launch a denial-of-service attack...

Amazon Linux 2 : libvirt, --advisory ALAS2-2025-3115 (ALAS-2025-3115)

The version of libvirt installed on the remote host is prior to 4.5.0-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3115 advisory. A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was perform...

PT-2026-6841

Name of the Vulnerable Software and Affected Versions tracker-miners affected versions not specified Description A flaw exists in tracker-miners related to the handling of malformed MP3 files. Specifically, the software incorrectly processes certain MP3 files, potentially leading to a denial of...

PT-2026-3019

Name of the Vulnerable Software and Affected Versions libxml2 affected versions not specified Description An issue exists in the libxml2 library related to uncontrolled resource consumption. The problem occurs when processing XML catalogs containing repeated elements that point to the same...

CVE-2025-14416

pdfforge PDF Architect DOC File Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of pdfforge PDF Architect. User interaction is required to exploit this vulnerability in that the target must...

CVE-2025-14404

PDFsam Enhanced XLS File Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDFsam Enhanced. User interaction is required to exploit this vulnerability in that the target must visit a...

EUVD-2025-205000

pdfforge PDF Architect DOC File Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of pdfforge PDF Architect. User interaction is required to exploit this vulnerability in that the target must...

EUVD-2025-205004

PDFsam Enhanced DOC File Insufficient UI Warning Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDFsam Enhanced. User interaction is required to exploit this vulnerability in that the target must visit a...