1334 matches found
EUVD-2026-16330
The API function sshgethexa is vulnerable, when 0-lenght input is provided to this function. This function is used internally in sshgetfingerprinthash and sshprinthexa deprecated, which is vulnerable to the same input length is provided by the calling application. The function is also used...
CVE-2026-4247
CVE-2026-4247 affects FreeBSD TCP implementations (bases: 14.x, 15.x/releng) where, when a challenge ACK should be sent, tcp_respond() consumes the mbuf and can leak the mbuf if no ACK is sent. An attacker on-path or able to establish a TCP connection can craft packets that trigger a challenge AC...
EUVD-2026-10324
A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function inputzip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service. The attack can be initiated remotely. The exploi...
CVE-2026-3816
A security vulnerability has been detected in OWASP DefectDojo up to 2.55.4. This vulnerability affects the function inputzip.read of the file parser.py of the component SonarQubeParser/MSDefenderParser. The manipulation leads to denial of service. The attack can be initiated remotely. The exploi...
CVE-2025-69534
Python-Markdown version 3.8 contain a vulnerability where malformed HTML-like sequences can cause html.parser.HTMLParser to raise an unhandled AssertionError during Markdown parsing. Because Python-Markdown does not catch this exception, any application that processes attacker-controlled Markdown...
EulerOS 2.0 SP13 : brotli (EulerOS-SA-2026-1218)
According to the versions of the brotli package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Scrapy versions up to 2.13.2 are vulnerable to a denial of service DoS attack due to a flaw in its brotli decompression implementation. The...
MiracleLinux 8 : subversion:1.10 (AXSA:2021-1466:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1466:01 advisory. subversion: remotely triggerable DoS vulnerability in svnserve 'get-deleted-rev' CVE-2018-11782 Tenable has extracted the preceding description block directl...
MiracleLinux 4 : nss-3.44.0-7.0.1.AXS4 (AXSA:2021-1747:04)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1747:04 advisory. nss: TLS 1.3 CCS flood remote DoS Attack CVE-2020-25648 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...
MiracleLinux 8 : nspr-4.32.0-1.el8, nss-3.67.0-6.el8 (AXSA:2021-2445:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2445:02 advisory. nss: TLS 1.3 CCS flood remote DoS Attack CVE-2020-25648 Tenable has extracted the preceding description block directly from the MiracleLinux security advisor...
PT-2026-3130
Name of the Vulnerable Software and Affected Versions Juniper Networks Junos OS versions prior to 22.4R3-S7 Juniper Networks Junos OS versions 23.2 before 23.2R2-S3 Juniper Networks Junos OS versions 23.4 before 23.4R2-S4 Juniper Networks Junos OS versions 24.2 before 24.2R2 Description A Double...
EulerOS 2.0 SP12 : cups (EulerOS-SA-2026-1065)
According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe...
Huawei EulerOS: Security Advisory for cups (EulerOS-SA-2026-1065)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-22401
There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity...
PT-2026-28320
Name of the Vulnerable Software and Affected Versions Node.js versions 20.x through 25.x Description An incomplete fix allows bypassing of intended write restrictions when using the Permission Model with restricted --allow-fs-write. Specifically, the FileHandle.chmod and FileHandle.chown methods...
UBUNTU-CVE-2025-68246
In the Linux kernel, the following vulnerability has been resolved: ksmbd: close accepted socket when per-IP limit rejects connection When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket...
CVE-2025-62848 QTS, QuTS hero
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following versions: QTS 5.2.7.3297 build...
AlmaLinux 8 : cups (ALSA-2025:22063)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2025:22063 advisory. cups: Null Pointer Dereference in CUPS ippreadio Leading to Remote DoS CVE-2025-58364 Tenable has extracted the preceding description block directly from the...
RLSA-2025:21140 Important: idm:DL1 security update
Rocky Enterprise Software Foundation Identity Management IdM is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: python-kdcproxy: Unauthenticated SSRF via Realm?Controlled DNS SRV...
Linux Distros Unpatched Vulnerability : CVE-2025-65498
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL pointer dereference in coapdtlsgeneratecookie in src/coapopenssl.c in OISM libcoap 4.3.5 allows remote attackers to cause a denial of service via a crafted...
python-kdcproxy security update
An update is available for python-kdcproxy. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Python is an interpreted, interactive, object-oriented programming...