108 matches found
Microsoft Exchange Server 服务端请求伪造漏洞
Microsoft Exchange Server is a email service program provided by the American company Microsoft. It offers features such as email access, storage, forwarding, voicemail handling, and email filtering. There are code vulnerabilities in Microsoft Exchange Server. Attackers can exploit these...
SUSE-SU-2026:21704-1 Security update for kernel-livepatch-MICRO-6-0_Update_21
This update for kernel-livepatch-MICRO-6-0Update21 fixes the following issues: - New livepatch SLE Micro 6.0/6.1 kernel update 21...
SUSE-SU-2026:21674-1 Security update for kernel-livepatch-MICRO-6-0_Update_21
This update for kernel-livepatch-MICRO-6-0Update21 fixes the following issues: - New livepatch SLE Micro 6.0/6.1 kernel update 21...
SUSE-SU-2026:21639-1 Security update for kernel-livepatch-MICRO-6-0-RT_Update_21
New Livepatch SLE Micro 6.0/6.1 kernel rt update 21...
Fedora 42 : nodejs20 (2026-fb4878551d)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-fb4878551d advisory. Update to version 20.20.0 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
SUSE SLES15 Security Update : nodejs22 (SUSE-SU-2026:0301-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0301-1 advisory. Security fixes: - CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion bsc1256848 -...
Oracle Linux 10 / 8 / 9 : java-21-openjdk (ELSA-2026-0928)
The remote Oracle Linux 10 / 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0928 advisory. 1:21.0.10.0.7-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.10.0.7-1 - Update to jdk-21.0.10+7 GA - Update release notes to...
PT-2025-44871
Name of the Vulnerable Software and Affected Versions watchOS versions prior to 26.1 iOS versions prior to 26.1 iPadOS versions prior to 26.1 tvOS versions prior to 26.1 visionOS versions prior to 26.1 Description A permissions issue existed that allowed an application to potentially list the...
PT-2025-44864
Name of the Vulnerable Software and Affected Versions WebKit versions prior to 18.7.2 Description A buffer overflow exists in the WebKit web page rendering module of iOS and iPadOS. This issue is due to insufficient bounds checking when processing data. Successful exploitation could allow a remot...
PT-2025-44867
Name of the Vulnerable Software and Affected Versions Apple Safari versions prior to 26.1 visionOS versions prior to 26.1 watchOS versions prior to 26.1 iOS versions prior to 26.1 iPadOS versions prior to 26.1 tvOS versions prior to 26.1 Description A use-after-free issue exists due to improper...
CVE-2023-53623
In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix swapinfostruct race between swapoff and getswappages The si-lock must be held when deleting the si from the available list. Otherwise, another thread can re-add the si to the available list, which can lead to memory...
Microsoft Exchange Server 信息泄露漏洞
Microsoft Exchange Server is a set of e-mail service programs from Microsoft. It provides email access, storage, forwarding, voice mail, email filtering and screening. An information disclosure vulnerability exists in Microsoft Exchange Server. An attacker could exploit this vulnerability to obta...
Microsoft Exchange Server 安全漏洞
Microsoft Exchange Server is a set of e-mail service programs from the American Microsoft Corporation Microsoft. It provides email access, storage, forwarding, voice mail, email filtering and screening. A security vulnerability exists in Microsoft Exchange Server. The vulnerability is exploited b...
Microsoft Exchange Server 输入验证错误漏洞
Microsoft Exchange Server is a set of e-mail service programs from Microsoft USA. It provides email access, storage, forwarding, voicemail, email filtering and screening, and other features. An input validation error vulnerability exists in Microsoft Exchange Server that stems from incorrect inpu...
Microsoft SQL Server SQL注入漏洞
Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is applied under the Microsoft Windows system. A SQL injection vulnerability exists in Microsoft SQL Server. An attacker can exploit the vulnerability to elevate privileges. The following products and...
PT-2025-32206 · 4C Strategies · 4C Strategies Exonaut
Name of the Vulnerable Software and Affected Versions: 4C Strategies Exonaut versions prior to 22.4 Description: The 4C Strategies Exonaut software was found to have insecure permissions. Recommendations: Update to version 22.4 or later...
PT-2025-32410
Name of the Vulnerable Software and Affected Versions 7-Zip versions prior to 25.01 Description An issue exists in 7-Zip where symbolic links are not always properly handled during the extraction of archives. This flaw allows a remote attacker to use a specially crafted archive to perform arbitra...
CVE-2024-8321
Missing authentication in Network Isolation of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to isolate managed devices from the network...
Microsoft SQL Server 资源管理错误漏洞
Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is used under Microsoft Windows. A resource management error vulnerability exists in Microsoft SQL Server. An attacker exploiting this vulnerability could remotely execute code. The following products a...
Microsoft SQL Server Security Vulnerability
Microsoft SQL Server is a large commercial database system from Microsoft Corporation USA that is used under Microsoft Windows. A security vulnerability exists in Microsoft SQL Server. An attacker exploiting this vulnerability could remotely execute code. The following products and editions are...