40 matches found
Ubuntu: Security Advisory (USN-7455-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
PT-2025-15592
Name of the Vulnerable Software and Affected Versions Microsoft Office Word affected versions not specified Microsoft 365 Apps for Enterprise affected versions not specified Microsoft Office affected versions not specified Microsoft Office Long Term Servicing Channel affected versions not specifi...
Advisory ROSA-SA-2025-2752
Software: opensc 0.20.0 OS: ROSA Virtualization 2.1 packageevrstring: opensc-0.20.0-8.rv3 CVE-ID: CVE-2023-2977 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in OpenSC causes a buffer overflow in the pkcs15 cardoshaveverifyrcpackage function, allowing an attacker to cause a processing...
KLA80252 ACE vulnerability in Microsoft Apps
A remote code execution vulnerability was found in Microsoft Apps. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories CVE-2025-21355 Related products Microsoft-Bing CVE list CVE-2025-21355 critical KB list Solution Install necessary updates from the KB...
KLA79417 SUI vulnerability in Microsoft Browser
Use after free vulnerability was found in Microsoft Browser. Malicious users can exploit this vulnerability to execute arbitrary code, spoof user interface, cause denial of service. Original advisories CVE-2025-0762 Related products Microsoft-Edge CVE list CVE-2025-0762 warning Solution Install...
Node.js < 18.20.6, 20.x < 20.18.2, 21.x < 22.13.1, 23.x < 23.6.1 Multiple Vulnerabilities - Windows
Node.js is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:nodejs:node.js"; ifdescription...
KLA78055 OSI vulnerability in Microsoft System Center
Information disclosure vulnerability was found in Microsoft System Center. Malicious users can exploit this vulnerability to obtain sensitive information. Original advisories CVE-2024-49071 Related products Microsoft-Windows Microsoft-Defender-for-Endpoint-for-Windows CVE list CVE-2024-49071 high...
Oracle Linux 8 : container-tools:ol8 (ELSA-2024-10289)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-10289 advisory. aardvark-dns buildah 2:1.33.11-1 - update to the latest content of https://github.com/containers/buildah/tree/release-1.33...
ROS-2-1636
2.1636 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
PT-2023-6013 · Fortinet · Fortisandbox
Name of the Vulnerable Software and Affected Versions: FortiSandbox versions 2.4.1, 2.5.0 through 2.5.2, 3.0.0 through 3.0.7, 3.1.0 through 3.1.5, 3.2.0 through 3.2.4, 4.0.0 through 4.0.3, 4.2.0 through 4.2.5, 4.4.0, 4.4.1 Description: The issue exists due to improper neutralization of input duri...
PT-2023-23843 · WordPress · Rolf Van Gelder Order Your Posts Manually
Name of the Vulnerable Software and Affected Versions: Rolf van Gelder Order Your Posts Manually plugin versions 2.2.5 and earlier Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This allows for malicious scripts to be injected into a website,...
PT-2022-17112 · Jenkins · Jenkins Pipeline: Groovy Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline: Groovy Plugin versions 2648.va9433432b33c and earlier Jenkins Pipeline: Groovy Plugin prior to 2656.vf7a e7b 75a 457 Jenkins Pipeline: Groovy Plugin version 2.94.1 Jenkins Pipeline: Groovy Plugin version 2.92.1 Description:...
ROS-2-1596
2.1596 PyYAML parser vulnerability CVE-2020-14343 1. Vulnerability description: A vulnerability in the PyYAML parser, is related to insufficient validation of user input when processing unreliable YAML files using the fullload method or the FullLoader loader. Exploitation of the vulnerability...
ROS-2-1912
2.1912 Denial of Service in libX11CVE-2021-31535 1. Vulnerability Description: The vulnerability allows a local user to execute a denial of service DoS attack. The vulnerability exists due to insufficient validation of color names in the XLookupColor function. A local user can launch a specially...
ROS-2-1825
2.1825 Multiple vulnerabilities in ISC BIND CVE-2021-25216, CVE-2021-25215, CVE-2021-25214 1. Vulnerability Description: CVE-2021-25216 A vulnerability exists due to a boundary error in the GSS-TSIG extension. A remote attacker can send specially crafted requests to the server, trigger a buffer...
ROS-2-1917
2.1917 Vulnerability in SpamAssassin spam filtering tool CVE-2020-1946 1. Vulnerability Description: CVE-2020-1946 A vulnerability in the SpamAssassin spam filtering tool, is related to improper input validation when processing rule configuration .cf files. Exploitation of the vulnerability could...
PT-2021-16544 · Samsung · Samsung Account
Name of the Vulnerable Software and Affected Versions: Samsung Account versions prior to 10.7.0.7 Samsung Account versions prior to 12.1.1.3 Description: The issue is related to improper access control in the EmailValidationView of Samsung Account, allowing physically proximate attackers to log o...
PT-2019-1956 · Oracle · Oracle General Ledger +1
Name of the Vulnerable Software and Affected Versions: Oracle E-Business Suite versions 12.1.1 through 12.1.3 Oracle E-Business Suite versions 12.2.3 through 12.2.8 Description: The issue is related to insufficient access control in the Consolidation Hierarchy Viewer component of Oracle E-Busines...
Mandrake Linux Security Advisory : wv (MDKSA-2004:077)
iDefense discovered a buffer overflow vulnerability in the wv package which could allow an attacker to execute arbitrary code with the privileges of the user running the vulnerable application. The updated packages are patched to protect against this problem. %NASLMINLEVEL 70300 C Tenable Network...
Sophos Anti-Virus Detection and Status
Sophos Anti-Virus, a commercial antivirus software package for Windows, is installed on the remote host. However, there is a problem with the installation; either its services are not running or its engine and/or virus definitions are out of date. C Tenable Network Security, Inc...