Slackware Linux 15.0 / current net-tools Vulnerability (SSA:2026-154-02)

The version of net-tools installed on the remote host is prior to 201811030eebece. It is, therefore, affected by a vulnerability as referenced in the SSA:2026-154-02 advisory. New net-tools packages are available for Slackware 15.0 and -current to fix a security issue. Tenable has extracted the...

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-8398link is external Daemon Tools Lite Embedded Malicious Code Vulnerability CVE-2026-45321link is external TanStack Unspecified Vulnerability...

Astra Linux - уязвимость в open-vm-tools

VMware Tools 12.0.0, 11.x.y, and 10.x.y contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the guest OS can escalate privileges as a root user in the virtual machine...

Astra Linux - уязвимость в open-vm-tools

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges, who has access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled, may exploit this vulnerability to escalate...

CVE-2026-8784 npitre cramfs-tools cramfsck.c change_file_status symlink

A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function changefilestatus of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...

CVE-2026-8784

A vulnerability was detected in npitre cramfs-tools up to 2.2. Affected is the function changefilestatus of the file cramfsck.c. Performing a manipulation results in symlink following. The attack requires a local approach. The exploit is now public and may be used. The patch is named...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.96 contained a security vulnerability. This vulnerability stemmed from insufficient policy execution in DevTools, allowing attackers who persuade users to install malicious extensions to leak...

Amazon Linux 2 : cri-tools, --advisory ALAS2-2026-3236 (ALAS-2026-3236)

"The version of cri-tools installed on the remote host is prior to 1.32.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3236 advisory. The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negati...

agkit (=0.27.0), mangadownloadlib (=1.0.0) +1 more potentially affected by CVE-2026-27809 via psd-tools (>=1.10.2 <=1.10.9)

psd-tools PYPI version =1.10.2, =3.5.0, =4.79.0 Source cves: CVE-2026-27809 Source advisory: SNYK:PYTHON-PSDTOOLS-15357995...

CVE-2025-66596

CVE-2025-66596 affects Yokogawa FAST/TOOLS. The issue is improper validation of request headers, where an attacker providing an invalid Host header can cause users to be redirected to malicious sites. Affected FAST/TOOLS packages: RVSVRN, UNSVRN, HMIWEB, FTEES, HMIMOB, across versions R9.01 to R1...

CVE-2025-66600

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. This product lacks HSTS HTTP Strict Transport Security configuration. When an attacker performs a Man in the middle MITM attack, communications with the web server could be sniffed. The affected products and...

CVE-2025-66605

A vulnerability has been found in FAST/TOOLS provided by Yokogawa Electric Corporation. Since there are input fields on this webpage with the autocomplete attribute enabled, the input content could be saved in the browser the user is using. The affected products and versions are as follows:...

PT-2026-7059

Name of the Vulnerable Software and Affected Versions FAST/TOOLS versions R9.01 through R10.04 Description The software displays detailed messages on error pages. This information could be used by attackers for further malicious activities. Recommendations Update to a version later than R10.04...

CVE-2026-21946

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.26.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

EUVD-2026-3563

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Web Runtime SEC. Supported versions that are affected are 9.2.0.0-9.2.26.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...

MiracleLinux 8 : container-tools:4.0 (AXSA:2023-5976:02)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-5976:02 advisory. golang: net/http: improper sanitization of Transfer-Encoding header CVE-2022-1705 golang: go/parser: stack exhaustion in all Parse functions...

MiracleLinux 7 : xfsprogs-3.2.2-2.el7 (AXSA:2015-743:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2015-743:01 advisory. A set of commands to use the XFS filesystem, including mkfs.xfs. XFS is a high performance journaling filesystem which originated on the SGI IRIX platform. It...

CVE-2018-1000849

Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools Alpine Linux' package manager that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to write arbitrary data ...

EUVD-2025-199882

fontTools is Vulnerable to Arbitrary File Write and XML injection in fontTools.varLib...

TencentOS Server 4: net-tools (TSSA-2025:0379)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0379 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...