85 matches found
EUVD-2020-3392
Malware in sbrugna...
EUVD-2023-26919
Malicious code in bioql PyPI...
EUVD-2022-3720
Malicious code in bioql PyPI...
CVE-2025-55114 BMC Control-M/Agent improper IP address filtering order
The improper order of AUTHORIZEDCTMIP validation in the Control-M/Agent, where the Control-M/Server IP address is validated only after the SSL/TLS handshake is completed, exposes the Control-M/Agent to vulnerabilities in the SSL/TLS implementation under certain non-default conditions e.g...
Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.19.11 packages and security update
Red Hat OpenShift Container Platform release 4.19.11 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.19. Red Hat Product Security has rated this update as having a...
Linux Distros Unpatched Vulnerability : CVE-2025-38728
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in...
CVE-2025-53537
CVE-2025-53537 affects LibHTP
CVE-2022-50063 net: dsa: felix: suppress non-changes to the tagging protocol
In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: suppress non-changes to the tagging protocol The way in which dsatreechangetagproto works is that when dsatreenotify fails, it doesn't know whether the operation failed mid way in a multi-switch tree, or it faile...
CVE-2024-22815
An issue in the communication protocol of Tormach xsTECH CNC Router, PathPilot Controller v2.9.6 allows attackers to cause a Denial of Service DoS via crafted commands...
CVE-2019-20783
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 North America CDMA software. The LTE protocol implementation allows a bypass of AKA Authentication and Key Agreement. The LG ID is LVE-SMP-180014 February 2019...
PT-2025-18484 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel. The issue is related to the 9p protocol and file descriptor handling. Specifically, when the file descriptor refers to a pipe, th...
CVE-2025-29991
Yubico YubiKey 5.4.1 through 5.7.3 before 5.7.4 has an incorrect FIDO CTAP PIN/UV Auth Protocol Two implementation. It uses the signature length from CTAP PIN/UV Auth Protocol One, even when CTAP PIN/UV Auth Protocol Two was chosen, resulting in a partial signature verification...
CVE-2025-29991
Yubico YubiKey 5.4.1 through 5.7.3 before 5.7.4 has an incorrect FIDO CTAP PIN/UV Auth Protocol Two implementation. It uses the signature length from CTAP PIN/UV Auth Protocol One, even when CTAP PIN/UV Auth Protocol Two was chosen, resulting in a partial signature verification...
CVE-2025-3083
This CVE affects MongoDB: malformed wire protocol messages can crash mongos during command validation, exploitable without authentication. Affected versions are MongoDB v5.0 before 5.0.31, v6.0 before 6.0.20, and v7.0 before 7.0.16. Impact is a denial of service (availability) with a high severit...
Linux Distros Unpatched Vulnerability : CVE-2021-47152
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: mptcp: fix data stream corruption Maxim reported several issues when forcing a TCP transpare...
Linux Distros Unpatched Vulnerability : CVE-2015-4000
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which...
Linux Distros Unpatched Vulnerability : CVE-2017-3224
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Open Shortest Path First OSPF protocol implementations may improperly determine Link State Advertisement LSA recency for LSAs with MaxSequenceNumber. According ...
Linux Distros Unpatched Vulnerability : CVE-2016-2370
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service vulnerability exists in the handling of the MXIT protocol in Pidgin. Specially crafted MXIT data sent from the server could potentially resu...
Linux Distros Unpatched Vulnerability : CVE-2014-3566
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle...
Oracle Agile Product Lifecycle Management (PLM) 9.3.6.x < 9.3.6.26
The version of Oracle Agile Product Lifecycle Management PLM on the remote host is 9.3.6.x prior to 9.3.6.26. It is, therefore, affected by multiple vulnerabilities, including: - Vulnerability in the Oracle Agile PLM product of Oracle Supply Chain component: Export. The supported version that is...