The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03198-1 adviso ...
September 13, 2025
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. Movim prior to version 0.22 is affected by a Cross-Site WebSocke ...
September 13, 2025
The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:03173-1 advisory. - CVE-2025-9086: bug in path comparison logic ...
September 13, 2025
The version of Curl installed on the remote host is 8.11.0 prior to 8.16.0. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-10148 advisory. curl's websocket code did ...
September 13, 2025
The remote Red Hat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:15699 advisory. MySQL is a multi-user, multi-threaded SQL ...
September 13, 2025
Hoverfly is an open source API simulation tool. In versions 1.11.3 and prior, Hoverfly’s admin WebSocket endpoint /api/v2/ws/logs is not protected by the same authentication middleware that guards t ...
September 12, 2025
A flaw was found in curl. The use of a predictable WebSocket mask pattern allows a malicious server to induce traffic that an intermediary proxy (whether configured or transparent) will misinterpret a ...
September 12, 2025
curl's websocket code did not update the 32 bit mask pattern for each new outgoing frame as the specification says. Instead it used a fixed mask that persisted and was used throughout the entire ...
September 12, 2025