PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor su ...

Continue Reading

December 14, 2023

Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Security Fix(es): ruby/cgi-gem: HTTP response s ...

Continue Reading

December 14, 2023

The remote SUSE Linux SLES15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3750-1 advisory. - The shell-quote package before 1.7.3 for N ...

Continue Reading

December 14, 2023

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7025 advisory. A ReDoS issue was discovered in the Time component t ...

Continue Reading

December 14, 2023

[![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgdIsCs00-fDDZ-6H14iX2RUr6EPCekSY9jGTKWpQ8UoPiBuisGO2cQLq2w6VFAs10mg5U4psHOMIl_dB8nF-ObXUtxQBu9jcS59sqK0uwwE5PDL09YvOgjSj1QUclaE4iOD4sV8_ ...

Continue Reading

December 14, 2023

Issue Overview: An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() du ...

Continue Reading

December 14, 2023

The version of ruby installed on the remote host is prior to 2.6.6-125. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2RUBY2.6-2023-007 advisory. - jQuery before 1. ...

Continue Reading

December 14, 2023

The version of php installed on the remote host is prior to 5.4.16-46. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2375 advisory. An issue was discovered i ...

Continue Reading

December 14, 2023