750 matches found
CVE-2026-4761 Unnecessary permissions on private keys of certificates installed by Network and Security Wizard
When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless update...
PT-2026-27762
When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless...
PT-2026-25903
Name of the Vulnerable Software and Affected Versions Perle IOLAN STS/SCS versions prior to 6.0 Description Perle IOLAN STS/SCS terminal server models with firmware versions prior to 6.0 allow authenticated operating system command injection through the restricted shell accessible via Telnet or...
Lantronix EDS3000PS 安全漏洞
Lantronix EDS3000PS is a serial port device server developed by the American company Lantronix. The Lantronix EDS3000PS v.3.1.0.0R2 version contains a security vulnerability. This vulnerability stems from a flaw in the ltrxevo component, which may allow attackers to execute arbitrary code and...
ROS-20260306-73-0030
A vulnerability in the acpipscompletefinalop function of the drivers/acpi/acpica/psobject.c module of the Linux operating systems kernel is related to the failure to free memory after an effective lifetime. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
CVE-2026-25797 ImageMagick vulnerable to Code injection via PostScript header in ps coders
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...
Arbitrary Code Injection
Overview Magick.NET-Q16-x64 is a Magick.NET allows you can use ImageMagick without having to install ImageMagick on your server or desktop. More information about specific builds see the official docs https://github.com/dlemstra/Magick.NET/tree/main/docs Affected versions of this package are...
CVE-2026-25797 ImageMagick vulnerable to Code injection via PostScript header in ps coders
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-15 and 6.9.13-40, the ps coders, responsible for writing PostScript files, fails to sanitize the input before writing it into the PostScript header. An attacker can provide a...
Malicious Package
Overview @ps-i18/i18-utils is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
MiracleLinux 8 : procps-ng-3.3.15-14.el8 (AXSA:2023-7098:04)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7098:04 advisory. procps: ps buffer overflow CVE-2023-4016 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory. Note that...
UBUNTU-CVE-2025-68215
In the Linux kernel, the following vulnerability has been resolved: ice: fix PTP cleanup on driver removal in error path Improve the cleanup on releasing PTP resources in error path. The error case might happen either at the driver probe and PTP feature initialization or on PTP restart errors in...
Account Hijacking
prestashop/pscheckout is vulnerable to Account hijacking. The vulnerability is due to the incorrect use of arraysearch in the backoffice logic, which allows an attacker to hijack the targeted PayPal merchant account...
Malicious code in puteri-mintau-ps (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6aaa3f1d7f00aa8b088c86f4e45d35eae409dc6f579649e06eddf65cb985c36d This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Dell Storage Manager Improper Authentication Vulnerability
Dell Storage Manager is a centralized storage management tool from Dell that is used to manage storage devices such as SC Series, PS Series and FluidFS, providing unified monitoring, configuration and replication capabilities. An improper authentication vulnerability exists in Dell Storage Manage...
EUVD-2025-34967
The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all versions up to, and including, 3.29 via the mla-stream-image.php file. This makes it possible for unauthenticated attackers to read the contents of arbitrary ai/eps/pdf/ps files on the server, which can...
WordPress plugin Media Library Assistant 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Media...
Incomplete List of Disallowed Inputs
Overview Affected versions of this package are vulnerable to Incomplete List of Disallowed Inputs involving the PHP arraysearch function. An attacker can gain unauthorized access to a PayPal merchant account. Note: Versions 9.4.3.1 through 9.4.3.3, which used the build numbering scheme prior to...
EUVD-2021-0600
Malware in sbrugna...
EUVD-2008-0599
Malware in sbrugna...
EUVD-1999-0301
Malware in sbrugna...