2099 matches found
SUSE CVE-2023-53631
In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-sysman: Fix reference leak If a duplicate attribute is found using ksetfindobj, a reference to that attribute is returned. This means that we need to dispose it accordingly. Use kobjectput to dispose the...
CVE-2023-53631
CVE-2023-53631 — In Linux kernel, platform/x86 dell-sysman reference leak: if kset_find_obj() finds a duplicate attribute, a reference to that attribute can be returned and may not be disposed, potentially leaking references. Patch note: use kobject_put() to dispose the duplicate attribute. Affec...
PT-2025-41075
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A reference leak exists in the Linux kernel’s platform/x86/dell-sysman component. When a duplicate attribute is found using the kset find obj function, a reference to that attribute is...
EUVD-2025-26073
Malicious code in bioql PyPI...
EUVD-2025-30773
Malicious code in bioql PyPI...
EUVD-2025-28951
Malicious code in bioql PyPI...
CVE-2025-9983
GALAYOU G2 cameras stream video output via RTSP streams. By default these streams are protected by randomly generated credentials. However these credentials are not required to access the stream. Changing these values does not change camera's behavior. The vendor did not respond in any way. Only...
CVE-2025-9983 Lack of Authentication for RTSP stream
GALAYOU G2 cameras stream video output via RTSP streams. By default these streams are protected by randomly generated credentials. However these credentials are not required to access the stream. Changing these values does not change camera's behavior. The vendor did not respond in any way. Only...
CVE-2025-9983
The CVE-2025-9983 affects GALAYOU G2 IP cameras, where RTSP streams can be accessed without valid credentials. The issue arises because default credentials are not required to access streams, and changing them does not affect behavior, indicating an authentication bypass in the RTSP service. Affe...
Mozilla Firefox ESR < 115.28
The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 115.28. It is, therefore, affected by a vulnerability as referenced in the mfsa2025-74 advisory. - Integer overflow in the SVG component. This vulnerability affects Firefox 143, Firefox ESR 115.28, Firefox ESR...
CVE-2022-50321
CVE-2022-50321 corresponds to a Linux kernel wifi flaw in brcmfmac where brcmf_netdev_start_xmit() could leak memory when pskb_expand_head() fails, returning NETDEV_TX_OK without freeing the skb. The fix adds dev_kfree_skb() to properly free skb and was compile-tested; multiple Unity/Linux adviso...
UBUNTU-CVE-2025-39761
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Decrement TID on RX peer frag setup error handling Currently, TID is not decremented before peer cleanup, during error handling path of ath12kdprxpeerfragsetup. This could lead to out-of-bounds access in peer-rxtid...
UBUNTU-CVE-2025-39750
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Correct tid cleanup when tid setup fails Currently, if any error occurs during ath12kdprxpeertidsetup, the tid value is already incremented, even though the corresponding TID is not actually allocated. Proceed to...
Fedora 41 : loupe (2025-458d5882a1)
The remote Fedora 41 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-458d5882a1 advisory. Rebuild with tracing-subscriber v0.3.20 for CVE-2025-58160. Tenable has extracted the preceding description block directly from the Fedora security advisory...
CVE-2025-54541
QuickCMS is vulnerable to Cross-Site Request Forgery in page deletion functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST request deleting an article. The vendor was notified early about this vulnerability, but didn't respon...
PT-2025-34982
Name of the Vulnerable Software and Affected Versions: QuickCMS version 6.8 Description: QuickCMS is susceptible to Reflected Cross-Site Scripting XSS through the sSort parameter within the admin panel functionality. An attacker can leverage this to execute arbitrary JavaScript code in a victim’s...
SUSE SLES15 Security Update : python311 (SUSE-SU-2025:02984-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:02984-1 advisory. - CVE-2025-8194: Fixed denial of service caused by tar archives with negative offsets bsc1247249. Tenable has extracted the preceding...
Fedora 42 : glab (2025-b597c89f32)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-b597c89f32 advisory. Update to 1.67.0 ---- Update to 1.66.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has...
Fedora 43 : docker-buildx (2025-f2bcb1f99e)
The remote Fedora 43 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-f2bcb1f99e advisory. Automatic update for docker-buildx-0.27.0-1.fc43. Changelog Wed Aug 20 2025 Bradley G Smith - 0.27.0-1 - Update to release v0.27.0 - Resolves: rhvz2388453,...
AlmaLinux 8 : tomcat (ALSA-2025:14177)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:14177 advisory. tomcat: Apache Tomcat DoS in multipart upload CVE-2025-48988 tomcat: Apache Tomcat: Security constraint bypass for pre/post-resources CVE-2025-49125...