65 matches found
RHEL 10 : python3.14 (RHSA-2026:19019)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19019 advisory. Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level...
SUSE-SU-2026:21254-1 Security update for python311
This update for python311 fixes the following issues: - CVE-2025-13462: incorrect parsing of TarInfo when GNU long name and type AREGTYPE are combined can lead to misinterpretation of tar archives bsc1259611. - CVE-2026-3479: improper resource argument validation in pkgutil.getdata can lead to pa...
PT-2026-28357
Name of the Vulnerable Software and Affected Versions: CPCI85 Central Processing/Communication (versions prior to V26.10); SICORE Base system (versions prior to V26.10.0). Description: An out-of-bounds write issue exists when parsing specially crafted XML inputs. This could allow an unauthenticated...
MiracleLinux 7 : rh-php73-php-7.3.33-1.el7 (AXSA:2022-3369:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3369:01 advisory. php: password of excessive length triggers buffer overflow leading to RCE (CVE-2022-31626); php: Local privilege escalation via PHP-FPM (CVE-2021-21703)...
CVE-2024-34392
libxmljs is vulnerable to a type confusion vulnerability when parsing a specially crafted XML while invoking the namespaces function which invokes wrapxmlNodensDefget on a grand-child of a node that refers to an entity. This vulnerability can lead to denial of service and remote code execution...
Authentication Bypass
ruby-saml is vulnerable to authentication bypass. The vulnerability is due to inconsistent XML parsing between REXML and Nokogiri resulting in different document structures, which allows an attacker to perform a Signature Wrapping attack and bypass authentication...
RHEL 10 : expat (RHSA-2025:19403)
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:19403 advisory. Expat is a C library for parsing XML documents. Security Fixes: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocatio...
UBUNTU-CVE-2025-11731
A flaw was found in the exsltFuncResultComp function of libxslt, which handles EXSLT elements during stylesheet parsing. Due to improper type handling, the function may treat an XML document node as a regular XML element node, resulting in a type confusion. This can cause unexpected memory reads...
EUVD-2016-5436
Malware in sbrugna...
EUVD-2018-6390
Malware in sbrugna...
EUVD-2021-18491
Malware in sbrugna...
EUVD-2016-8738
Malware in sbrugna...
EUVD-2019-10564
Malware in sbrugna...
EUVD-2017-17507
Malware in sbrugna...
EUVD-2016-3644
Malware in sbrugna...
EUVD-2021-8879
Malicious code in bioql PyPI...
EUVD-2022-27927
Malicious code in bioql PyPI...
EUVD-2023-0484
Malicious code in bioql PyPI...
EUVD-2025-23382
Malicious code in bioql PyPI...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 : Ruby vulnerabilities (USN-7734-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7734-1 advisory. It was discovered that Ruby incorrectly handled certain IO stream methods. A remote attacker could use this...