ROOT-OS-DEBIAN-13-CVE-2026-23373 CVE-2026-23373 in rootio-linux - Patched by Root

Root has patched CVE-2026-23373 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

CVE-2026-43504

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access control in a paused scenario, relaying of unauthenticated traffic can occur...

CVE-2026-43506

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5. A Denial of Service can occur via memory exhaustion caused by memory leaks from unauthenticated connections...

CVE-2023-40779

An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2 allows a remote attacker to execute arbitrary code via a crafted request to the URL...

EUVD-2023-25179

Malicious code in bioql PyPI...

EUVD-2022-25538

Malicious code in bioql PyPI...

EUVD-2023-25150

Malicious code in bioql PyPI...

EUVD-2023-25298

Malicious code in bioql PyPI...

EUVD-2022-25599

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-14636

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the...

Linux Distros Unpatched Vulnerability : CVE-2017-17664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Remote Crash issue was discovered in Asterisk Open Source 13.x before 13.18.4, 14.x before 14.7.4, and 15.x before 15.1.4 and Certified Asterisk before...

Linux Distros Unpatched Vulnerability : CVE-2022-49971

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/amd/pm: Fix a potential gpumetricstable memory leak Memory is allocated for gpumetricstable in smuv1304initsmctables, but not freed in smuv1304finismctables...

GHSA-PGVC-6H2P-Q4F6 Umbraco CMS disclosure of configured password requirements

Impact Via a request to an anonymously authenticated endpoint it's possible to retrieve information about the configured password requirements. The information available is limited but would perhaps give some additional detail useful for someone attempting to brute force derive a user's password...

ThinManager Path Traversal (CVE-2023-27856) Arbitrary File Download

This module exploits a path traversal vulnerability CVE-2023-27856 in ThinManager use auxiliary/gather/thinmanagertraversaldownload msf auxiliarythinmanagertraversaldownload show actions ...actions... msf auxiliarythinmanagertraversaldownload set ACTION msf auxiliarythinmanagertraversaldownload...

CVE-2024-49338

IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials...

CVE-2023-20991

In btmbleprocessperiodicadvsynclostevt of blescannerhciinterface.cc , there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product:...

CVE-2022-20521

In sdpufindmostspecificserviceuuid of sdputils.cc, there is a possible way to crash Bluetooth due to a missing null check. This could lead to local denial of service with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions:...

macOS 13.x < 13.7.6 Multiple Vulnerabilities (122718)

The remote host is running a version of macOS / Mac OS X that is 13.x prior to 13.7.6. It is, therefore, affected by multiple vulnerabilities: - A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML...

CVE-2025-20970

Improper access control in Bixby Vision prior to version 3.8.1 in Android 13, 3.8.3 in Android 14, 3.8.21 in Android 15 allows local attackers to access image files with Bixby Vision privilege...

CVE-2025-20897

Improper access control in Secure Folder prior to version 1.9.20.50 in Android 14, 1.8.11.0 in Android 13, and 1.7.04.0 in Android 12 allows local attacker to access data in Secure Folder...