7 matches found
AlmaLinux 9 : tomcat (ALSA-2025:14181)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14181 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-49125...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : Sidekiq vulnerabilities (USN-7695-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7695-1 advisory. Anas Roubi discovered that Sidekiq did not correctly sanitize certain inputs. An attacker could possibly use this issue to execut...
Grafana 11.1.x < 11.6.0+security-01 Cross-site Scripting
According to its self-reported version, the Grafana install hosted on the remote host is 11.1.x earlier than 11.2.8+security-01, or 11.1.x earlier than 11.3.5+security-01, or 11.1.x earlier than 11.4.3+security-01, or 11.1.x earlier than 11.5.3+security-01, or 11.1.x earlier than...
Drupal 10.3.x < 10.3.14 / 10.4.x < 10.4.5 / 11.x < 11.0.13 / 11.1.x < 11.1.5 Drupal Vulnerability (SA-CORE-2025-004)
According to its self-reported version, the instance of Drupal running on the remote web server is 10.3.x prior to 10.3.14, 10.4.x prior to 10.4.5, 11.x prior to 11.0.13, or 11.1.x prior to 11.1.5. It is, therefore, affected by a vulnerability. - Improper Neutralization of Input During Web Page...
Azure Linux 3.0 Security Update: kernel (CVE-2024-56728)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56728 advisory. - In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: handle otx2mboxgetrsp erro...
MariaDB 11.4.0 < 11.4.5
The version of MariaDB installed on the remote host is prior to 11.4.5. It is, therefore, affected by a vulnerability as referenced in the 11.4.5 advisory. - Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.40 and prior, 8.4...
Linux Foundation Badge Program Boost Open Source Security
The Linux Foundation says a new Core Infrastructure Initiative CII Best Practices Badge program launched Tuesday will help companies interested in adopting open source technologies evaluate projects based on security, quality and stability. The CII Best Practices Badge does not issue certificates...