Yokogawa FAST/TOOLS 安全漏洞

Yokogawa FAST/TOOLS is a real-time operation management and visualization software developed by Yokogawa Electric Corporation. There are security vulnerabilities in the versions of Yokogawa FAST/TOOLS from R9.01 to R10.04. These vulnerabilities stem from the Web server accepting the OPTIONS metho...

Important: cri-tools

Issue Overview: The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms. CVE-2024-24790 The net/http package accepted data in the chunked transfer encoding...

Amazon Linux 2 : cri-tools (ALAS-2025-2870)

The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2870 advisory. The various Is methods IsPrivate, IsLoopback, etc did not work as expected for IPv4-mapped IPv6 addresses, returning...

EulerOS 2.0 SP10 : uboot-tools (EulerOS-SA-2025-1540)

According to the versions of the uboot-tools package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An integer overflow in ext4fsreadsymlink in Das U-Boot before 2025.01-rc1 occurs for zalloc adding one to an le32 variable via a crafted ext4...

RLSA-2024:2988 Moderate: container-tools:rhel8 security update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: urllib3: urllib3 does not remove the authorization HTTP header when following a cross-origin redirect CVE-2018-25091 golang: math/big.Rat: may cause a panic or an...

Vulnerabilities fixed in Oracle JD Edwards

Oracle has fixed vulnerabilities in JD Edwards EnterpriseOne Tools Specifically for versions 9.2.0.0 to 9.2.9.2. The vulnerabilities in JD Edwards EnterpriseOne Tools allow unauthenticated malicious actors to access the system via HTTP, which can lead to unauthorized access to and manipulation of...

CVE-2025-22870 vulnerabilities

Vulnerabilities for packages: rabbitmq-messaging-topology-operator-fips, flux, kubeflow-fips, azcopy, terraform-provider-pagerduty, spire-controller-manager-fips, flux-notification-controller, fuse-overlayfs-snapshotter, harbor-scanner-trivy-fips, kube-bench, conftest-fips, envoy-ratelimit-fips,...

Fedora 37 : android-tools (2022-6716cd0da2)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-6716cd0da2 advisory. Update to 33.0.3p1 Security fix for CVE-2022-20128 CVE-2022-3168 Tenable has extracted the preceding description block directly from the Fedora...

EulerOS 2.0 SP10 : uboot-tools (EulerOS-SA-2024-2896)

According to the versions of the uboot-tools packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : There exists an unchecked length field in UBoot.The U-Boot DFU implementation does not bound the length field in USB DFU download setup...

RHEL 8 : container-tools:rhel8 (RHSA-2024:8846)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:8846 advisory. The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: Podman:...

RHSA-2006:0267 Red Hat Security Advisory: ipsec-tools security update

Bulletin has no description...

MGASA-2024-0170 Updated tpm2-tools packages fixes security vulnerabilities

A flaw was found in the tpm2-tools package. This issue occurs due to a missing check whether the magic number in attest is equal to TPM2GENERATEDVALUE, which can allow an attacker to generate arbitrary quote data that may not be detected by tpm2checkquote CVE-2024-29038. The pcr selection which i...

The vulnerability of the Monitoring and Diagnostics component of the JD Edwards EnterpriseOne Tools in the enterprise resource management system makes it possible for a perpetrator to access confidential information.

The vulnerability of the Monitoring and Diagnostics component of the JD Edwards EnterpriseOne Tools in the enterprise resource management system exists due to insufficient validation of input data. Exploiting this vulnerability could allow attackers to access confidential information...

Important: open-vm-tools

Issue Overview: VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be ab...

VMware Releases Advisory for VMware Tools Vulnerabilities

VMware released a security advisory addressing multiple vulnerabilities CVE-2023-34057, CVE-2023-34058 in VMware Tools. A cyber actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the VMware advisory...

CVE-2022-31691

Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library allows for some...

SUSE: Security Advisory (SUSE-SU-2022:3710-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerabilities of the Red Hat Enterprise Linux operating system, which allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the kernel-tools package of the Red Hat Enterprise Linux operating system can be exploited, which may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the SUSE Linux Enterprise operating system that allow attackers to compromise the accessibility of protected information

The multiple vulnerabilities in the ipsec-tools package of the SUSE Linux Enterprise operating system can lead to a violation of the accessibility of protected information. Exploitation of these vulnerabilities can be carried out remotely...

Ubuntu Update for ipsec-tools vulnerabilities USN-641-1

Ubuntu Update for Linux kernel vulnerabilities USN-641-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6411.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for ipsec-tools vulnerabilities USN-641-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...