12 matches found
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cups (SUSE-SU-2025:4319-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4319-1 advisory. - The fix for CVE-2025-58436 causes a regression where GTK applications will hang. bsc1254353 See also...
Security update for cups
This update for cups fixes the following issues: The fix for CVE-2025-58436 causes a regression where GTK applications will hang. bsc1254353 See also https://github.com/OpenPrinting/cups/issues/1429 The fix has been temporary disabled. Patch Instructions: To install this SUSE update use the SUSE...
PT-2024-21813 · Zohocorp · Manageengine Ddi Central
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine DDI Central versions 4001 and prior Description: The issue allows a user to upload new files to the server folder due to a directory traversal vulnerability. Recommendations: For versions 4001 and prior, consider...
CVE-2024-39700 Remote Code Execution (RCE) vulnerability in jupyterlab extension template `update-integration-tests` GitHub Action
JupyterLab extension template is a copier template for JupyterLab extensions. Repositories created using this template with test option include update-integration-tests.yml workflow which has an RCE vulnerability. Extension authors hosting their code on GitHub are urged to upgrade the template to...
PT-2023-2417
Name of the Vulnerable Software and Affected Versions vm2 versions up to 3.9.16 Description The issue exists due to inadequate sanitization of special elements in the handleException function of the vm2 library, allowing a remote attacker to escape the sandbox and execute arbitrary code in the ho...
PT-2023-10125 · Agnivade · Easy-Scrypt
Name of the Vulnerable Software and Affected Versions: agnivade easy-scrypt versions prior to 1.0.0 Description: A vulnerability was found in agnivade easy-scrypt, affecting the VerifyPassphrase function of the file scrypt.go. The manipulation leads to observable timing discrepancy. The complexit...
CVE-2022-39270
DiscoTOC is a Discourse theme component that generates a table of contents for topics. Users that can create topics in TOC-enabled categories and have sufficient trust level - configured in component's settings are able to inject arbitrary HTML on that topic's page. The issue has been fixed on th...
SAP 3D Visual Enterprise Viewer 输入验证错误漏洞
SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP, Germany. The software supports the publishing of 2D and 3D scenes in all industry-standard desktop applications and supports separate installations as stand-alone executable programs and ActiveX spaces. An input validation error...
SAP 3D Visual Enterprise Viewer 输入验证错误漏洞
SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP Germany. The software supports publishing 2D and 3D scenes in all industry-standard desktop applications and supports separate installations as standalone executables and ActiveX spaces. The vulnerability can be exploited to crash the...
CVE-2022-31215
In certain Goverlan products, the Windows Firewall is temporarily turned off upon a Goverlan agent update operation. This allows remote attackers to bypass firewall blocking rules for a time period of up to 30 seconds. This affects Goverlan Reach Console before 10.5.1, Reach Server before 3.70.1,...
OracleVM 3.3 / 3.4 : nss (OVMSA-2018-0264)
The remote OracleVM system is missing necessary patches to address critical security updates : - Added nss-vendor.patch to change vendor - Temporarily disable some tests until expired PayPalEE.cert is renewed - Backport upstream fix for CVE-2018-12384 - Remove nss-lockcert-api-change.patch, which...
hostmap-robtex NSE Script
Discovers hostnames that resolve to the target's IP address by querying the online Robtex service at . TEMPORARILY DISABLED due to changes in Robtex's API. See Script Arguments slaxml.debug See the documentation for the slaxml library. http.host, http.max-body-size, http.max-cache-size,...