Filter

Tenable NessusAs part of our Security Development Lifecycle, a potential privilege escalation issue was identified…

8.8
First published (updated )

Tenable Tenable.scXSS

First published (updated )

Tenable Tenable.scSSRF

First published (updated )

Tenable Tenable.scInput Validation

First published (updated )

Tenable Tenable.scA LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied inpu…

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

composer/composer/composerMissing input validation can lead to command execution in composer

8.8
First published (updated )

redhat/rh-sso7-keycloakPath Traversal in Moment.js

7.5
First published (updated )

Tenable Tenable.scTenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution vulnerabilit…

8.1
First published (updated )

macOS YosemitePossible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier

8.2
First published (updated )

macOS YosemitePossible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

PHPSpecial characters break path parsing in XML functions

First published (updated )

oracle primavera gatewayXSS in `*Text` options of the Datepicker widget

7.2
First published (updated )

Oracle Primavera UnifierXSS in the `of` option of the `.position()` util

7.2
First published (updated )

Oracle Primavera UnifierXSS in the `altField` option of the Datepicker widget

7.2
First published (updated )

composer/composer/composerCommand injection in composer on Windows

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Debian GNU/LinuxNULL pointer dereference in httpd core

7.5
First published (updated )

redhat/httpdmod_proxy SSRF

First published (updated )

Trellix ePolicy OrchestratorRead buffer overruns processing ASN.1 strings

7.4
First published (updated )

Oracle PeopleSoft Enterprise PeopleToolsSM2 Decryption Buffer Overflow

First published (updated )

redhat/jbcs-httpd24-httpdRequest splitting via HTTP/2 method injection and mod_proxy

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

IBM Cognos AnalyticsArbitrary Code Injection

First published (updated )

Node.jsNULL pointer deref in signature_algorithms processing

7.5
First published (updated )

Tenable Tenable.scTenable.sc and Tenable.sc Core versions 5.13.0 through 5.17.0 were found to contain a vulnerability …

8.8
First published (updated )

Tenable Nessus Network MonitorNull pointer deref in X509_issuer_and_serial_hash()

7.5
First published (updated )

Tenable Tenable.scIn certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the …

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Ubuntu LinuxPHP parses encoded cookie names so malicious `__Host-` cookies can be sent

First published (updated )

Ubuntu LinuxWrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV

First published (updated )

PHPUse of freed hash key in the phar_parse_zipfile function

First published (updated )

Tenable Tenable.scXSS, Input Validation

First published (updated )

PHPOOB Read in urldecode()

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203