23 matches found
CVE-2025-69599
RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. NOTE: this is disputed because ability of an attacker to control the environment is a site-specific misconfiguration...
PT-2026-38671
Name of the Vulnerable Software and Affected Versions RayVentory Scan Engine versions prior to 12.6 Update 9 Description An issue exists where attackers can gain elevated privileges if they have control over the value of the PATH environment variable. This condition is noted as being dependent on...
SUSE-SU-2025:21115-1 Security update for kernel-livepatch-MICRO-6-0_Update_12
This update for kernel-livepatch-MICRO-6-0Update12 fixes the following issues: - CVE-2025-38616: tls: handle data disappearing from under the TLS ULP bsc1249537...
SUSE-SU-2025:20850-1 Security update for kernel-livepatch-MICRO-6-0_Update_12
This update for kernel-livepatch-MICRO-6-0Update12 fixes the following issues: New livepatch SLE Micro 6.0/6.1 kernel update 12...
SUSE-SU-2025:20740-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_12
This update for kernel-livepatch-MICRO-6-0-RTUpdate12 fixes the following issues: - New livepatch SLE Micro 6.0/6.1 kernel rt update 12...
SUSE-SU-2025:20793-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_12
This update for kernel-livepatch-MICRO-6-0-RTUpdate12 fixes the following issues: - New livepatch SLE Micro 6.0/6.1 kernel rt update 12...
Security update for open-vm-tools
This update for open-vm-tools fixes the following issues: Update to 12.5.2: Security fixes: CVE-2025-22247: Fixed Insecure file handling bsc1243106 Other fixes: Fixed GCC 15 compile time error bsc1241938 Fixed building with containerd 1.7.25+ bsc1237147 Full changelog:...
PT-2023-22017 · Ncp · Ncp Secure Enterprise Client
Name of the Vulnerable Software and Affected Versions: NCP Secure Enterprise Client versions prior to 12.22 Description: The issue allows attackers to delete arbitrary files on the operating system by creating a symbolic link. This is possible due to a flaw in the Support Assistant component of t...
Microsoft Exchange Server Security Vulnerability
Microsoft Exchange Server is the United States Microsoft Microsoft company's set of e-mail service program. It provides email access, storage, forwarding, voice mail, email filtering and screening. A security vulnerability exists in Microsoft Exchange Server. The vulnerability is exploited by...
PT-2023-5182 · Unknown · Qms Automotive
Name of the Vulnerable Software and Affected Versions: QMS Automotive versions prior to V12.39 Description: A vulnerability has been identified in QMS Automotive that allows an attacker to enumerate usernames and identify valid usernames due to the application returning inconsistent error message...
SUSE CVE-2009-1102
Unspecified vulnerability in the Virtual Machine in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allows remote attackers to access files and execute arbitrary code via unknown vectors related to "code generation."...
PT-2022-6992 · Apple · Apple Macos
Name of the Vulnerable Software and Affected Versions: macOS versions prior to 11.6.6 macOS versions prior to 12.4 Description: The issue is related to the PackageKit component in macOS, which has insufficient access controls. Exploitation of this issue may allow an attacker to execute arbitrary...
KB3152637 - Cumulative Update 12 for SQL Server 2012 SP2
KB3152637 - Cumulative Update 12 for SQL Server 2012 SP2 This article describes cumulative update package 12 Build number: 11.0.5649.0 for Microsoft SQL Server 2012 Service Pack 2 SP2. This update contains fixes that were released after the release of SQL Server 2012 SP2. Notes Cumulative updates...
OpenJDK: Insufficient restriction of privileges in AccessController (Security, 8216381)
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Security. Supported versions that are affected are Java SE: 8u212, 11.0.3 and 12.0.1; Java SE Embedded: 8u211. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multip...
DEBIAN-CVE-2019-2602
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: Libraries. Supported versions that are affected are Java SE: 7u211, 8u202, 11.0.2 and 12; Java SE Embedded: 8u201. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
Adobe ColdFusion APSB17-30 Remote Command Execution Vulnerability (CNVD-2017-30530)
Adobe ColdFusion is the United States of America Audobee Adobe a dynamic Web server products, which runs the CFML ColdFusion Markup Language is a programming language for Web applications. A security vulnerability exists in Adobe ColdFusion 2016 release Update 4 and earlier and ColdFusion 11 Upda...
OpenJDK: PNG and GIF processing buffer overflow vulnerabilities (6804996, 6804997)
Multiple buffer overflows in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allow remote attackers to access files or execute arbitrary code via 1 a crafted PNG image that triggers an integer overflow during memory allocation for display on the splash screen,...
OpenJDK: DoS (disk consumption) via handling of temporary font files
Multiple unspecified vulnerabilities in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allow remote attackers to cause a denial of service disk consumption via vectors related to temporary font files and 1 "limits on Font...
OpenJDK Pack200 Buffer overflow vulnerability (6792554)
Integer overflow in unpack200 in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier, and 6 Update 12 and earlier, allows remote attackers to access files or execute arbitrary code via a JAR file with crafted Pack200 headers...
OpenJDK JAX-WS service endpoint remote Denial-of-Service (6630639)
Unspecified vulnerability in the lightweight HTTP server implementation in Java SE Development Kit JDK and Java Runtime Environment JRE 6 Update 12 and earlier allows remote attackers to cause a denial of service probably resource consumption for a JAX-WS service endpoint via a connection without...