12 matches found
Fedora 44 : haproxy (2026-53196fc291)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-53196fc291 advisory. Upgrade to 3.0.23; see https://www.haproxy.org/download/3.0/src/CHANGELOG for the full upstream changelog. Tenable has extracted the preceding description...
CVE-2026-41126 BigBlueButton has Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL"
BigBlueButton is an open-source virtual classroom. Versions prior to 3.0.24 have an Open Redirect through bigbluebutton/api/join via get-parameter "logoutURL." Version 3.0.24 has adjusted the handling of requests with incorrect checksum so that the default logoutURL is used. No known workarounds...
CLEANSTART-2026-JW58725 Security fixes for CVE-2025-55190, CVE-2025-55191, CVE-2025-58183, CVE-2025-58185, CVE-2025-58187, CVE-2025-58188, CVE-2025-58189, CVE-2025-59537, CVE-2025-59538, CVE-2025-61723, CVE-2025-61724, CVE-2025-61725, CVE-2026-1229, CVE-2026-24051, CVE-2026-25934, ghsa-2v5j-vhc3-9cwm, ghsa-2vgg-9h3w-qbr4, ghsa-2x5j-vhc8-9cwm, ghsa-2xsj-vh29-9cwm, ghsa-3wgm-2mw2-vh5m, ghsa-4x4m-3c2p-qppc, ghsa-6v2p-p543-phr9, ghsa-92cp-5422-2m47, ghsa-93mq-9ffx-83m2, ghsa-f6x5-jh6r-wrfv, ghsa-hj2p-8wj8-pfq4, ghsa-j5w8-q4qc-rx2x, ghsa-mh63-6h87-95cp, ghsa-mw99-9chc-xw7r, ghsa-r6j8-c6r2-37rr applied in versions: 2.13.9-r0, 2.14.20-r0, 3.0.16-r0, 3.0.19-r0, 3.0.22-r0, 3.0.23-r0, 3.0.23-r1, 3.1.4-r0, 3.1.8.-r0, 3.1.9-r4
Multiple security vulnerabilities affect the argo-cd package. These issues are resolved in later releases. See references for individual vulnerability details...
UBUNTU-CVE-2024-25569
An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability...
Grassroot DICOM Buffer Error Vulnerability
Grassroot DICOM is a Sourceforge open source C++ library for DICOM medical files. A buffer error vulnerability exists in Grassroot DICOM version 3.0.23, which stems from the presence of a heap-based buffer overflow vulnerability, where a specially crafted, incorrectly-formatted file could result ...
Grassroot DICOM Buffer Error Vulnerability
Grassroot DICOM is a Sourceforge open source C++ library for DICOM medical files. A security vulnerability exists in Grassroot DICOM version 3.0.23, which stems from the presence of an out-of-bounds write vulnerability, where a specially crafted DICOM file may cause a heap buffer overflow...
PT-2024-19385
Name of the Vulnerable Software and Affected Versions: Mathieu Malaterre Grassroot DICOM version 3.0.23. Description: A heap-based buffer overflow issue exists in the LookupTable::SetLUT functionality. This can be triggered by a specially crafted malformed file, leading to memory corruption. An...
PT-2024-19372
Name of the Vulnerable Software and Affected Versions: Mathieu Malaterre Grassroot DICOM version 3.0.23. Description: An out-of-bounds write issue exists in the JPEG2000Codec::DecodeByStreamsCommon functionality. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can...
CVE-2020-8759
Improper access control in the installer for Intel® SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access...
Intel® SSD DCT Advisory
Summary: A potential security vulnerability in the Intel® SSD Data Center Tool (DCT) may allow escalation of privilege. Intel is releasing software updates to mitigate this potential vulnerability. Vulnerability Details: CVEID: CVE-2020-8759 Description: Improper access control in the installer for...
MySQL Enterprise Monitor 2.3.x < 2.3.21 / 3.0.x < 3.0.23 Multiple Vulnerabilities
According to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is 2.3.x prior to 2.3.21 or 3.0.x prior to 3.0.23. It is, therefore, potentially affected by multiple vulnerabilities: - An invalid read error exists in the ASN1_TYPE_cmp function due to...
openSUSE Security Update : privoxy (openSUSE-2015-115)
privoxy was updated to version 3.0.23 to fix three security issues. These security issues were fixed: - Fixed a DoS issue in case of client requests with incorrect chunk-encoded body. When compiled with assertions enabled (the default) they could previously cause Privoxy to abort (CVE-2015-1380). -...