12475 matches found
MiracleLinux 8 : mod_auth_mellon-0.14.0-12.el8.1 (AXSA:2022-3531:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3531:01 advisory. modauthmellon: Open Redirect vulnerability in logout URLs CVE-2021-3639 Tenable has extracted the preceding description block directly from the MiracleLinux...
go1.24-1.24.12-1.1 on GA media (moderate)
go1.24-1.24.12-1.1 on GA media Announcement ID: openSUSE-SU-2026:10063-1 Rating: moderate Cross-References: CVE-2025-61726 CVE-2025-61728 CVE-2025-61730 CVE-2025-61731 CVE-2025-68119 CVE-2025-68121 CVSS scores: CVE-2025-61726 SUSE : 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVE-2025-61726...
Acer Updater Service code-related vulnerabilities
The Acer Updater Service is a software update tool provided by Acer, a company based in Taiwan, China. Version 1.2.3500.0 of the Acer Updater Service contains a code vulnerability. This vulnerability stems from an issue with the service path, where a service path without quotes was used, which ma...
Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied inpu...
RHSA-2026:0668 Red Hat Security Advisory: net-snmp security update
Bulletin has no description...
[SECURITY] Fedora 42 Update: linux-firmware-20260110-1.fc42
This package includes firmware files required for some devices to operate...
Security Bulletin: NVIDIA NSIGHT Graphics - January 2026
NVIDIA has released a software update for NVIDIA® NSIGHT Graphics. To protect your system, download and install this software update from the Download NVIDIA NSIGHT Graphics page. Go to NVIDIA Product Security...
openSUSE Security Advisory (SUSE-SU-2026:0115-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Multiple vulnerabilities in EATON UPS Companion
Overview EATON UPS Companion provided by Eaton contains multiple vulnerabilities listed below. Uncontrolled search path element CWE-427, CVE-2025-59887 Unquoted search path or element CWE-428, CVE-2025-59888 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported these vulnerabilities to th...
MiracleLinux 8 : xmlrpc-c-1.51.0-11.el8_10 (AXSA:2025-9874:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9874:01 advisory. libexpat: expat: Improper Restriction of XML Entity Expansion Depth in libexpat CVE-2024-8176 Tenable has extracted the preceding description block directly...
MiracleLinux 8 : libxml2-2.9.7-21.el8_10.3 (AXSA:2025-10704:13)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-10704:13 advisory. libxml2: Out-of-bounds Read in xmlSchemaIDCFillNodeTables CVE-2025-32415 Tenable has extracted the preceding description block directly from the MiracleLinu...
SUSE: Security Advisory (SUSE-SU-2026:0085-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-0830
CVE-2026-0830 affects Kiro IDE (pre-0.6.18). The vulnerability arises from processing specially crafted workspace folder names in the GitLab Merge Request helper, which can lead to arbitrary command injection on the user’s machine when opening malicious workspaces. Public sources (NVD, Red Hat, C...
CVE-2018-4398
An issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8...
CVE-2018-4288
Multiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6...
CVE-2018-4438
A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9...
CVE-2021-22799
A CWE-331: Insufficient Entropy vulnerability exists that could cause unintended connection from an internal network to an external network when an attacker manages to decrypt the SESU proxy password from the registry. Affected Product: Schneider Electric Software Update, V2.3.0 through V2.5.1...
CVE-2022-23699
A local authentication restriction bypass vulnerability was discovered in HPE OneView versions: Prior to 6.6. HPE has provided a software update to resolve this vulnerability in HPE OneView...
CVE-2022-23671
A remote authenticated information disclosure vulnerability was discovered in Aruba ClearPass Policy Manager versions: 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...
CVE-2022-23662
A authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy Manager versions: 6.10.4 and below, 6.9.9 and below, 6.8.9-HF2 and below, 6.7.x and below. Aruba has released updates to ClearPass Policy Manager that address this security vulnerability...