TencentOS Server 3: glibc (TSSA-2025:0993)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0993 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2025-66108

Missing Authorization vulnerability in Merlot Digital by TNC TNC Toolbox: Web Performance tnc-toolbox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TNC Toolbox: Web Performance: from n/a through = 2.0.4...

CVE-2025-21595

A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause an FPC to crash, leading to Denial of Service DoS. On all Junos OS and Junos OS Evolved...

WordPress EthereumICO plugin <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via ethereum-ico Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via ethereum-ico Shortcode vulnerability discovered by zaim in WordPress Plugin EthereumICO versions = 2.4.6...

MISP 安全漏洞

MISP is an open source software solution from MISP Open Source. The product is used to collect, store, distribute, and share cybersecurity metrics and has features such as threat cybersecurity event analysis and malware analysis. A security vulnerability exists in MISP versions prior to 2.4.198...

WordPress Tax Rate Upload plugin <= 2.4.5 - CSRF leading to Cross Site Scripting (XSS) vulnerability

CSRF leading to Cross Site Scripting XSS vulnerability discovered by thiennv Patchstack Alliance in WordPress Plugin Tax Rate Upload versions = 2.4.5...

SUSE CVE-2006-1168

The decompress function in compress42.c in 1 ncompress 4.2.4 and 2 liblzw allows remote attackers to cause a denial of service crash, and possibly execute arbitrary code, via crafted data that leads to a buffer underflow...

SUSE CVE-2021-29611

TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseReshape results in a denial of service based on a CHECK-failure. The...

PYSEC-2021-741

TensorFlow is an end-to-end open source platform for machine learning. The implementation of ParseAttrValuehttps://github.com/tensorflow/tensorflow/blob/c22d88d6ff33031aa113e48aa3fc9aa74ed79595/tensorflow/core/framework/attrvalueutil.ccL397-L453 can be tricked into stack overflow due to recursion...

DEBIAN-CVE-2018-9263

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash. This was addressed in epan/dissectors/packet-kerberos.c by ensuring a nonzero key length...

CVE-2016-3524

Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows remote attackers to affect confidentiality and integrity via vectors related to Configuration...

UBUNTU-CVE-2016-0738

OpenStack Object Storage Swift before 2.3.1 Kilo, 2.4.x, and 2.5.x before 2.5.1 Liberty do not properly close server connections, which allows remote attackers to cause a denial of service proxy-server resource consumption via a series of interrupted requests to a Large Object URL...