38328 matches found

CNNVD
added 2026/04/14 12:0 a.m. | 9 views

SourceCodester Patient Appointment Scheduler security vulnerability

SourceCodester Patient Appointment Scheduler is an open-source patient appointment scheduling tool developed by SourceCodester. Version 1.0 of the SourceCodester Patient Appointment Scheduler contains a security vulnerability. This vulnerability stems from an SQL injection vulnerability in the fi...

CVSS 2.7 | AI score 5.8 | EPSS 0.0019
Exploits: 0 | References: 1
CNNVD
added 2026/04/14 12:0 a.m. | 4 views

SourceCodester Patient Appointment Scheduler security vulnerability

SourceCodester Patient Appointment Scheduler is an open-source patient appointment scheduling tool developed by SourceCodester. Version 1.0 of the SourceCodester Patient Appointment Scheduler contains a security vulnerability. This vulnerability stems from an SQL injection vulnerability present i...

CVSS 2.7 | AI score 5.8 | EPSS 0.0019
Exploits: 0 | References: 1
Positive Technologies
added 2026/04/14 12:0 a.m. | 5 views

PT-2026-32679

An insufficiently protected credentials vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4 all versions, FortiSandbox PaaS 5.0.1 through 5.0.5 may allow an authenticated administrator to read LDAP server credentials via client-side inspection...

CVSS 2.7 | AI score 5.8 | EPSS 0.00305
Exploits: 0 | References: 4
CNNVD
added 2026/04/14 12:0 a.m. | 6 views

Fortinet FortiClientEms security vulnerability

Fortinet FortiClientEms is a centralized management system developed by the American company Fortinet. There is a security vulnerability in Fortinet FortiClientEms, which stems from SQL injection attacks. This vulnerability may allow for the execution of unauthorized code or commands. The followi...

CVSS 6.7 | AI score 6.1 | EPSS 0.00133
Exploits: 0 | References: 1
Positive Technologies
added 2026/04/14 12:0 a.m. | 6 views

PT-2026-32901

Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Divide By Zero vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application or render it unresponsive. Exploitation of this issue requires user interaction in that...

CVSS 5.5 | AI score 5.8 | EPSS 0.00169
Exploits: 0 | References: 4
Tenable Nessus
added 2026/04/14 12:0 a.m. | 4 views

SUSE SLES15 Security Update : kernel (Live Patch 42 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:1281-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1281-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.170 fixes various security issues. The following security issues were fixed: ...

CVSS 7.8 | AI score 6.8 | EPSS 0.00204
Exploits: 0 | References: 19
Positive Technologies
added 2026/04/14 12:0 a.m. | 4 views

PT-2026-32601

Header injection vulnerability in Apache APISIX. The attacker can take advantage of certain configuration in forward-auth plugin to inject malicious headers. This issue affects Apache APISIX: from 2.12.0 through 3.15.0. Users are recommended to upgrade to version 3.16.0, which fixes the issue...

CVSS 9.1 | AI score 5.8 | EPSS 0.00521
Exploits: 1 | References: 5
Packet Storm News
added 2026/04/14 12:0 a.m. | 3 views

OpenSSL Toolkit 4.0.0

OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. This is the 4.0 release...

AI score 5.8
Exploits: 0
Cvelist
added 2026/04/14 12:0 a.m. | 29 views

CVE-2025-65133

A SQL injection vulnerability exists in the School Management System version 1.0 by manikandan580. An unauthenticated or authenticated remote attacker can supply a crafted HTTP request to the affected endpoint to manipulate SQL query logic and extract sensitive database information...

EPSS 0.00526
Exploits: 1 | References: 1
CNNVD
added 2026/04/14 12:0 a.m. | 8 views

School-Management-System security vulnerability

School-Management-System is a school management system developed by Lahiru Danushka. Version 1.0 of School-Management-System has security vulnerabilities. These vulnerabilities stem from SQL injection attacks, which could allow unauthorized or authenticated remote attackers to manipulate SQL quer...

CVSS 9.8 | AI score 5.9 | EPSS 0.00526
Exploits: 1 | References: 2
Tenable Nessus
added 2026/04/14 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2019-25710

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint that allows attackers to execute arbitrary...

CVSS 9.1 | AI score 6.2 | EPSS 0.00311
Exploits: 1 | References: 2
Positive Technologies
added 2026/04/14 12:0 a.m. | 9 views

PT-2026-32915

Chamilo LMS is an open-source learning management system. In version 2.0-RC.2, the file public/main/inc/ajax/install.ajax.php is accessible without authentication on fully installed instances because, unlike other AJAX endpoints, it does not include the global.inc.php file that performs...

CVSS 7.2 | AI score 5.8 | EPSS 0.00208
Exploits: 1 | References: 4
OpenVAS
added 2026/04/14 12:0 a.m. | 3 views

Ubuntu: Security Advisory (USN-8167-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 6.8 | AI score 5.8 | EPSS 0.00175
Exploits: 0 | References: 2
Tenable Nessus
added 2026/04/14 12:0 a.m. | 4 views

Adobe Bridge 15.1.4 < 15.1.5 / 16.x < 16.0.3 Multiple Vulnerabilities (APSB26-39)

The version of Adobe Bridge installed on the remote macOS or Mac OS X host is prior to 15.1.5 or 16.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb26-39 advisory. - Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow...

CVSS 7.8 | AI score 6.4 | EPSS 0.00259
Exploits: 0 | References: 7
Tenable Nessus
added 2026/04/14 12:0 a.m. | 6 views

Photon OS 4.0: Libtiff PHSA-2025-4.0-0870

An update of the libtiff package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0870. The text itself is copyright (C) VMware, Inc...

CVSS 5.3 | AI score 6.1 | EPSS 0.00196
Exploits: 2 | References: 4
Tenable Nessus
added 2026/04/14 12:0 a.m. | 5 views

Adobe Bridge 15.1.4 < 15.1.5 / 16.x < 16.0.3 Multiple Vulnerabilities (APSB26-39)

The version of Adobe Bridge installed on the remote Windows host is prior to 15.1.5 or 16.0.3. It is, therefore, affected by multiple vulnerabilities as referenced in the apsb26-39 advisory. - Bridge versions 16.0.2, 15.1.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability th...

CVSS 7.8 | AI score 6.4 | EPSS 0.00259
Exploits: 0 | References: 7
Tenable Nessus
added 2026/04/14 12:0 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2026-33899

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick is free and open-source software used for editing and manipulating digital images. In versions below 7.1.2-189 and 6.9.13-44, when Magick parses an...

CVSS 5.3 | AI score 5.8 | EPSS 0.00428
Exploits: 0 | References: 2
Tenable Nessus
added 2026/04/14 12:0 a.m. | 17 views

Amazon Linux 2 : freerdp, --advisory ALAS2-2026-3239 (ALAS-2026-3239)

The version of freerdp installed on the remote host is prior to 2.11.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3239 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap buffer overflow occu...

CVSS 9.8 | AI score 6.1 | EPSS 0.00323
Exploits: 6 | References: 16
SUSE CVE
added 2026/04/13 11:26 p.m. | 4 views

SUSE CVE-2026-31419

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast(). bond_xmit_broadcast() reuses the original skb for the last slave (determined by bond_is_last_slave()) and clones it for others. Concurrent slave enslave/release can mutate the slave list...

CVSS 7 | AI score 5.7 | EPSS 0.00117
Exploits: 0 | References: 7
SUSE CVE
added 2026/04/13 11:26 p.m. | 4 views

SUSE CVE-2026-31423

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min(). m2sm() converts a u32 slope to a u64 scaled value. For large inputs (e.g. m1=4000000000), the result can reach 2^32. rtsc_min() stores the difference of two such u64 values in a u32...

CVSS 5.5 | AI score 5.8 | EPSS 0.00115
Exploits: 0 | References: 17